3 matches found
CVE-2025-5234
The Gutenverse News plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘elementId’ parameter in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2025-5234
creationtimestamp| type| source ---|---|--- 2025-06-19 09:43:36+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18843 2025-06-19 13:48:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrxo263ccw2p...
CVE-2025-5234
CVE-2025-5234 affects the Gutenverse News WordPress plugin (versions up to 1.0.4). It is a Stored Cross-Site Scripting vulnerability via the elementId parameter, exploitable by authenticated attackers with Contributor-level access or higher. The payload can cause arbitrary scripts to run on pages...