4 matches found
CVE-2025-24764
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in A. Jones Simply Guest Author Name guest-author-name allows DOM-Based XSS.This issue affects Simply Guest Author Name: from n/a through = 4.36...
CVE-2025-24764
The CVE-2025-24764 entry pertains to the WordPress plugin “(Simply) Guest Author Name” (versions up to 4.36) and describes a DOM-based Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation. Public sources in the connected docs indicate this is...
CVE-2025-28918
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in A. Jones Featured Image Thumbnail Grid thumbnail-grid allows Stored XSS.This issue affects Featured Image Thumbnail Grid: from n/a through = 6.8...
CVE-2025-28918
CVE-2025-28918 : Stored XSS in WordPress plugin Featured Image Thumbnail Grid up to version 6.6.1 . Root cause: improper neutralization of input during web page generation in the plugin, enabling stored cross-site scripting. Affected product/component: WordPress Plugin – Featured Image Thumbnail ...