8 matches found
CVE-2025-13863
The RevInsite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the token parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...
EUVD-2025-201520
The RevInsite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the token parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...
CVE-2025-13863
The RevInsite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the token parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...
CVE-2025-13863
RevInsite is a WordPress plugin vulnerable to stored cross-site scripting (XSS) in versions up to 1.1.0 due to insufficient input sanitization and output escaping. The vulnerability enables an authenticated attacker with Contributor+ privileges to inject scripts via shortcode attributes (token/re...
CVE-2025-13863 RevInsite <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
The RevInsite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the token parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...
CVE-2025-13863 RevInsite <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
The RevInsite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the token parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...
WordPress RevInsite plugin <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by theviper17y in WordPress Plugin RevInsite versions = 1.1.0...
WordPress plugin RevInsite 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-sit...