4 matches found
CVE-2025-22281
CVE-2025-22281 (Simplish) : The connected documents confirm a stored XSS vulnerability in the WordPress Simplish theme, affecting versions up to 2.6.4. The issue is described as an authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability, arising from improper input neutralization du...
CVE-2025-22281 WordPress Simplish theme <= 2.6.4 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in joshix Simplish allows Stored XSS.This issue affects Simplish: from n/a through 2.6.4...
WordPress Simplish theme <= 2.6.4 - Stored Cross Site Scripting (XSS) vulnerability
Stored Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Simplish versions = 2.6.4...
WordPress Simplish Theme <= 2.6.4 is vulnerable to Cross Site Scripting (XSS)
Software Simplish Type Theme Vulnerable versions = 2.6.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-22281 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 4b930d5ca50f Credits stealthcopter Required privilege Subscribe...