Lucene search
K

5 matches found

Patchstack
Patchstack
added 2025/04/28 7:27 a.m.12 views

WordPress AI Autotagger plugin < 3.30.0 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin TaxoPress versions 3.30.0...

3.5CVSS7.4AI score0.00219EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2025/04/28 6:15 a.m.15 views

CVE-2025-0627

The WordPress Tag, Category, and Taxonomy Manager WordPress plugin before 3.30.0 does not sanitise and escape some of its Widgets settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...

3.5CVSS0.00219EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/04/28 6:0 a.m.26 views

CVE-2025-0627 AI Autotagger < 3.30.0 - Admin+ Stored XSS

The WordPress Tag, Category, and Taxonomy Manager WordPress plugin before 3.30.0 does not sanitise and escape some of its Widgets settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...

0.00219EPSS
Exploits1References1
CVE
CVE
added 2025/04/28 6:0 a.m.58 views

CVE-2025-0627

CVE-2025-0627 involves the WordPress Tag, Category, and Taxonomy Manager – AI Autotagger plugin (pre-3.30.0). The issue is a failure to sanitize/escape certain Widgets settings, enabling Stored Cross-Site Scripting by high-privilege users (e.g., admins) even when unfiltered_html is disabled (such...

3.5CVSS5.4AI score0.00219EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/28 6:0 a.m.8 views

CVE-2025-0627 AI Autotagger < 3.30.0 - Admin+ Stored XSS

The WordPress Tag, Category, and Taxonomy Manager WordPress plugin before 3.30.0 does not sanitise and escape some of its Widgets settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...

3.4AI score0.00219EPSS
Exploits1References1
Rows per page
Query Builder