4 matches found
CVE-2025-1560
The WOW Entrance Effects WEE! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wee' shortcode in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...
CVE-2025-1560
The WOW Entrance Effects WEE! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wee' shortcode in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...
CVE-2025-1560 WOW Entrance Effects (WEE!) <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The WOW Entrance Effects WEE! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wee' shortcode in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...
CVE-2025-1560
CVE-2025-1560 (WOW Entrance Effects WEE!) is a stored XSS vulnerability in the WordPress plugin WOW Entrance Effects (WEE!) up to version 0.1. The issue stems from insufficient input sanitization and output escaping in the plugin’s wee shortcode attributes, allowing authenticated attackers with c...