2 matches found
CVE-2025-13740
creationtimestamp| type| source ---|---|--- 2025-12-15 08:50:04+00:00| seen| https://gist.github.com/Darkcrai86/18391249030f32481215320c18dd5c5a...
CVE-2025-13740 Lightweight Accordion <= 1.5.20 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Lightweight Accordion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's lightweight-accordion shortcode in all versions up to, and including, 1.5.20 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...