Lucene search
K

7 matches found

Positive Technologies
Positive Technologies
added 2025/12/13 12:0 a.m.8 views

PT-2025-51044

The Employee Spotlight – Team Member Showcase & Meet the Team Plugin for WordPress is vulnerable to unauthorized tracking settings modification due to missing authorization validation on the employee spotlight check optin function in all versions up to, and including, 5.1.3. This makes it possibl...

5.3CVSS5.6AI score0.002EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/11/02 5:44 a.m.14 views

CVE-2025-12090

The Employee Spotlight – Team Member Showcase & Meet the Team Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Social URLs in all versions up to, and including, 5.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5AI score0.00176EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/01 6:30 a.m.5 views

EUVD-2025-37423

The Employee Spotlight – Team Member Showcase & Meet the Team Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Social URLs in all versions up to, and including, 5.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS4.6AI score0.00176EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/11/01 5:40 a.m.7 views

CVE-2025-12090 Employee Spotlight – Team Member Showcase & Meet the Team Plugin <= 5.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Employee Spotlight – Team Member Showcase & Meet the Team Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Social URLs in all versions up to, and including, 5.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS0.00176EPSS
Exploits0References2
CVE
CVE
added 2025/11/01 5:40 a.m.21 views

CVE-2025-12090

CVE-2025-12090 : WordPress plugin Employee Spotlight – Team Member Showcase & Meet the Team prior to 5.1.3 is vulnerable to Stored Cross-Site Scripting via Social URLs. Exploitation requires authenticated access at least at the Contributor level; attackers can inject scripts that run when users v...

6.4CVSS4.7AI score0.00176EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/01 12:0 a.m.7 views

PT-2025-44712

Name of the Vulnerable Software and Affected Versions Employee Spotlight – Team Member Showcase & Meet the Team Plugin versions prior to 5.1.3 Description The Employee Spotlight – Team Member Showcase & Meet the Team Plugin for WordPress is susceptible to Stored Cross-Site Scripting through Socia...

6.4CVSS5.2AI score0.00176EPSS
Exploits0References8
Patchstack
Patchstack
added 2025/09/23 2:10 a.m.8 views

WordPress Employee Spotlight plugin <= 5.1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin Employee Spotlight versions = 5.1.0...

6.5CVSS5.8AI score0.00159EPSS
Exploits0Affected Software1
Rows per page
Query Builder