WordPress Digiseller plugin cross-site scripting vulnerability

WordPress Digiseller plugin is a plugin that is mainly used to help users integrate digital merchandising features in their websites. A cross-site scripting vulnerability exists in the WordPress Digiseller plugin, which stems from a lack of effective filtering and escaping of the ds shortcode, an...

CVE-2025-10141

The Digiseller plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ds' shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wi...

CVE-2025-10141

The CVE CVE-2025-10141 affects the WordPress Digiseller plugin (up to version 1.3.0) via the ds shortcode. Root cause: insufficient input sanitization and output escaping on user-supplied attributes, enabling Stored XSS. Impact: authenticated attackers (contributor+ level) can inject scripts that...

CVE-2025-10141 Digiseller <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Digiseller plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ds' shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wi...

CVE-2025-10141 Digiseller <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Digiseller plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ds' shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wi...

EUVD-2025-34538

The Digiseller plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ds' shortcode in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...

WordPress Digiseller plugin <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin Digiseller versions = 1.3.0...

WordPress plugin Digiseller 跨站脚本漏洞

WordPress Digiseller plugin is a plugin that is mainly used to help users integrate digital merchandising features in their websites. A cross-site scripting vulnerability exists in the WordPress Digiseller plugin, which stems from a lack of effective filtering and escaping of the ds shortcode, an...