Lucene search
K

4 matches found

Circl
Circl
added 2025/02/20 12:41 p.m.25 views

CVE-2025-0897

creationtimestamp| type| source ---|---|--- 2025-02-20 12:41:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3limctfxykv2s 2025-02-20 13:09:09+00:00| seen| https://t.me/cvedetector/18534...

6.4CVSS8.7AI score0.00284EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/02/20 8:22 a.m.13 views

CVE-2025-0897 Modal Window <= 6.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via iframeBox Shortcode

The Modal Window – create popup modal window plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'iframeBox' shortcode in all versions up to, and including, 6.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS5.8AI score0.00284EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/02/20 8:22 a.m.37 views

CVE-2025-0897 Modal Window <= 6.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via iframeBox Shortcode

The Modal Window – create popup modal window plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'iframeBox' shortcode in all versions up to, and including, 6.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS0.00284EPSS
Exploits0References4
CVE
CVE
added 2025/02/20 8:22 a.m.68 views

CVE-2025-0897

The CVE CVE-2025-0897 affects the WordPress plugin “Modal Window – create popup modal window” and is a stored Cross-Site Scripting flaw exposed through the iframeBox shortcode in versions up to 6.1.5. The issue stems from insufficient input sanitization and output escaping of user-provided attrib...

6.4CVSS5.8AI score0.00284EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder