Lucene search
K

4 matches found

NVD
NVD
added 2025/03/08 10:15 a.m.8 views

CVE-2025-1324

The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'public-form' shortcode in all versions up to, and including, 16.26.10 due to insufficient input sanitization and output escaping on user supplied attributes...

6.4CVSS0.00235EPSS
Exploits0References2
Circl
Circl
added 2025/03/08 9:36 a.m.8 views

CVE-2025-1324

creationtimestamp| type| source ---|---|--- 2025-03-08 09:36:04+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6940 2025-03-08 12:35:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ljujwouqxy2x 2025-03-08 13:30:56+00:00| seen| https://t.me/cvedetector/19894 2025-03-08...

6.4CVSS8.7AI score0.00235EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/08 9:22 a.m.20 views

CVE-2025-1324 WP-Recall – Registration, Profile, Commerce & More <= 16.26.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'public-form' shortcode in all versions up to, and including, 16.26.10 due to insufficient input sanitization and output escaping on user supplied attributes...

6.4CVSS0.00235EPSS
Exploits0References2
CVE
CVE
added 2025/03/08 9:22 a.m.72 views

CVE-2025-1324

CVE-2025-1324 affects the WordPress plugin WP-Recall – Registration, Profile, Commerce & More. It describes a Stored Cross-Site Scripting via the plugin’s shortcode public-form in all versions up to 16.26.10, caused by insufficient input sanitization and output escaping on user-provided attribute...

6.4CVSS5.7AI score0.00235EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder