CVE-2025-68885

Cross-Site Request Forgery CSRF vulnerability in page-carbajal Custom Post Status custom-post-status allows Stored XSS.This issue affects Custom Post Status: from n/a through = 1.1.0...

CVE-2025-68885

Cross-Site Request Forgery CSRF vulnerability in page-carbajal Custom Post Status custom-post-status allows Stored XSS.This issue affects Custom Post Status: from n/a through = 1.1.0...

CVE-2025-68885

CVE-2025-68885: Cross-Site Request Forgery in the Page Carbajal Custom Post Status plugin enables Stored XSS, affecting Custom Post Status up to version 1.1.0. CVSS 3.1 base 7.1 (HIGH). No exploitation details or fixes are provided in the initial or connected documents; refer to Patchstack listin...

CVE-2025-68885 WordPress Custom Post Status plugin <= 1.1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in page-carbajal Custom Post Status custom-post-status allows Stored XSS.This issue affects Custom Post Status: from n/a through = 1.1.0...

EUVD-2025-205879

Cross-Site Request Forgery CSRF vulnerability in Page Carbajal Custom Post Status allows Stored XSS.This issue affects Custom Post Status: from n/a through 1.1.0...

CVE-2025-68885 WordPress Custom Post Status plugin <= 1.1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in page-carbajal Custom Post Status custom-post-status allows Stored XSS.This issue affects Custom Post Status: from n/a through = 1.1.0...

WordPress Custom Post Status plugin <= 1.1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability

Cross Site Request Forgery CSRF to Stored XSS vulnerability discovered by Skalucy in WordPress Plugin Custom Post Status versions = 1.1.0...

WordPress plugin Custom Post Status 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

PT-2025-54281

Name of the Vulnerable Software and Affected Versions Page Carbajal Custom Post Status versions through 1.1.0 Description A Cross-Site Request Forgery CSRF issue exists in Page Carbajal Custom Post Status, which can also lead to Stored Cross-Site Scripting XSS. The issue impacts the Custom Post...

Information Disclosure

WordPress Core is vulnerable to Sensitive Information Exposure. The vulnerability is due the redirectguess404permalink function, which can allow unauthenticated attackers to expose the slug of a custom post whose 'publiclyqueryable' post status has been set to 'false'...