2 matches found
CVE-2025-48351
CVE-2025-48351 describes a CSRF to Stored XSS vulnerability in the WordPress plugin “Kento Splash Screen” affecting versions up to and including 1.4. The issue arises from cross-site request forgery that can lead to stored XSS payloads, with CVSS 3.1 base metrics indicating HIGH severity (7.1) an...
WordPress Kento Splash Screen plugin <= 1.4 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross Site Request Forgery CSRF to Stored XSS vulnerability discovered by Nguyen Xuan Chien Patchstack Alliance in WordPress Plugin Kento Splash Screen versions = 1.4...