CVE-2025-8560

CVE-2025-8560 affects the WordPress FancyTabs plugin (versions up to and including 1.1.0). A stored XSS flaw exists in the title parameter due to insufficient input sanitization/escaping. Exploitation requires at least Contributor-level access; an authenticated attacker can inject scripts that ex...

WordPress FancyTabs plugin <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via title Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via title Parameter vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin FancyTabs versions = 1.1.0...

WordPress plugin FancyTabs 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress FancyTabs plugin has a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of the title parameter, which can be exploited b...

PT-2025-39940

Name of the Vulnerable Software and Affected Versions FancyTabs plugin for WordPress versions prior to 1.1.1 Description The FancyTabs plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to insufficient input sanitization and output escaping in the title parameter...