4 matches found
CVE-2025-0169
The DWT - Directory & Listing WordPress Theme is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.3.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...
CVE-2025-0169
creationtimestamp| type| source ---|---|--- 2025-02-08 22:30:41+00:00| seen| https://infosec.exchange/users/cve/statuses/113970632496105609 2025-02-08 23:15:31+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhpanftzpa2o 2025-02-09 01:46:52+00:00| seen|...
CVE-2025-0169
CVE-2025-0169 affects the DWT - Directory & Listing WordPress Theme (versions
CVE-2025-0169 DWT - Directory & Listing WordPress Theme <=3.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The DWT - Directory & Listing WordPress Theme is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.3.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...