5 matches found
CVE-2025-23786
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DuoGeek Email to Download email-to-download allows Reflected XSS.This issue affects Email to Download: from n/a through = 3.1.0...
CVE-2025-23786
creationtimestamp| type| source ---|---|--- 2025-02-14 13:17:26+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3li5bzirf6m2i 2025-02-14 14:38:48+00:00| seen| https://infosec.exchange/users/cve/statuses/114002750893462072...
CVE-2025-23786 WordPress Email to Download Plugin <= 3.1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DuoGeek Email to Download email-to-download allows Reflected XSS.This issue affects Email to Download: from n/a through = 3.1.0...
CVE-2025-23786
CVE-2025-23786 is a reflected XSS vulnerability in the WordPress plugin Email to Download (vulnerable up to 3.1.0). The issue is caused by improper neutralization of user input during web page generation, enabling an attacker to inject executable script via input that is reflected in the page. Pu...
CVE-2025-23786 WordPress Email to Download Plugin <= 3.1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DuoGeek Email to Download email-to-download allows Reflected XSS.This issue affects Email to Download: from n/a through = 3.1.0...