2 matches found
CVE-2025-0512
The Structured Content JSON-LD wpsc plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's scfslocalbusiness shortcode in all versions up to, and including, 6.4.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2025-0512
CVE-2025-0512 affects the WordPress plugin Structured Content (JSON-LD) #wpsc . The vulnerability is a stored XSS in the shortcodes sc_fs_local_business, exploitable on pages with user-supplied attributes. Affected versions are up to and including 6.4.5. The exposure requires attacker access at c...