3 matches found
CVE-2025-25156
Cross-Site Request Forgery CSRF vulnerability in Stanko Metodiev Quote Comments quote-comments allows Stored XSS.This issue affects Quote Comments: from n/a through = 3.0.0...
CVE-2025-25156
CVE-2025-25156 concerns WordPress Quote Comments plugin. The affected software is Quote Comments, version range up to 2.2.1 (vulnerable). The issue is a CSRF that enables Stored XSS, as described in the CVE description. The CVSS 3.1 base score is 7.1 (HIGH) with Network attack vector, requiring u...
PT-2025-5964 · Unknown · Stanko Metodiev Quote Comments
Name of the Vulnerable Software and Affected Versions: Stanko Metodiev Quote Comments versions through 2.2.1 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS in Stanko Metodiev Quote Comments. Recommendations: For versions through 2.2.1, update to a...