5 matches found
CVE-2025-0718
creationtimestamp| type| source ---|---|--- 2025-03-23 09:47:47+00:00| seen| https://t.me/cvedetector/20892 2025-03-23 09:59:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkzy6ulpsw2h...
CVE-2025-0718
The Nested Pages WordPress plugin before 3.2.13 does not sanitise and escape some of its settings, which could allow high privilege users such as contributors to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2025-0718
CVE-2025-0718 affects the Nested Pages WordPress plugin up to 3.2.12 (vulnerability would be present before 3.2.13). It permits Stored XSS via unsanitised/unstable configuration settings, potentially abused by high-privilege users (e.g., contributors), even when unfiltered_html is disallowed. Roo...
CVE-2025-0718 Nested Pages < 3.2.13 - Contributor+ Stored XSS
The Nested Pages WordPress plugin before 3.2.13 does not sanitise and escape some of its settings, which could allow high privilege users such as contributors to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2025-0718 Nested Pages < 3.2.13 - Contributor+ Stored XSS
The Nested Pages WordPress plugin before 3.2.13 does not sanitise and escape some of its settings, which could allow high privilege users such as contributors to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...