5 matches found
CVE-2025-11805
The Skip to Timestamp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'skipto' shortcode in all versions up to, and including, 1.4.4. This is due to insufficient input sanitization and output escaping on the 'time' attribute. This makes it possible for authenticated...
CVE-2025-11805
The CVE CVE-2025-11805 concerns the WordPress plugin Skip to Timestamp (versions
CVE-2025-11805 Skip to Timestamp <= 1.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Skip to Timestamp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'skipto' shortcode in all versions up to, and including, 1.4.4. This is due to insufficient input sanitization and output escaping on the 'time' attribute. This makes it possible for authenticated...
WordPress Skip to Timestamp plugin <= 1.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by zakaria in WordPress Plugin Skip to Timestamp versions = 1.4.4...
WordPress plugin Skip to Timestamp 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...