2 matches found
CVE-2025-1452
creationtimestamp| type| source ---|---|--- 2025-03-25 06:23:31+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8599 2025-03-25 08:49:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ll6va2jd2t26 2025-03-25 09:27:46+00:00| seen| https://t.me/cvedetector/21...
CVE-2025-1452
The Favorites WordPress plugin before 2.3.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...