9 matches found
WordPress Attachments Handler plugin <= 1.1.7 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin Attachments Handler versions = 1.1.7...
CVE-2025-12581
The Attachments Handler plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in page...
EUVD-2025-204623
The Attachments Handler plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in page...
CVE-2025-12581
The Attachments Handler plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in page...
CVE-2025-12581 Attachments Handler <= 1.1.7 - Reflected Cross-Site Scripting
The Attachments Handler plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in page...
CVE-2025-12581 Attachments Handler <= 1.1.7 - Reflected Cross-Site Scripting
The Attachments Handler plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in page...
CVE-2025-12581
CVE-2025-12581 affects the WordPress plugin Attachments Handler (versions up to 1.1.7). The vulnerability is a Reflected Cross-Site Scripting (XSS) via URL stemming from insufficient input sanitization/output escaping. It allows unauthenticated attackers to inject arbitrary scripts into pages tha...
PT-2025-52534
Name of the Vulnerable Software and Affected Versions Attachments Handler plugin for WordPress versions up to and including 1.1.7 Description The Attachments Handler plugin for WordPress is susceptible to Reflected Cross-Site Scripting through a URL parameter. Insufficient input sanitization and...
WordPress plugin Attachments Handler 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...