4 matches found
CVE-2025-23809
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sunil Nanda Blue Wrench Video Widget blue-wrench-videos-widget allows Reflected XSS.This issue affects Blue Wrench Video Widget: from n/a through = 2.1.0...
CVE-2025-23809
creationtimestamp| type| source ---|---|--- 2025-01-22 16:01:46+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/2558 2025-01-22 16:16:20+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdrc7hgsg2x 2025-01-22 16:44:53+00:00| seen|...
CVE-2025-23809 WordPress Blue Wrench Video Widget Plugin <= 2.1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sunil Nanda Blue Wrench Video Widget blue-wrench-videos-widget allows Reflected XSS.This issue affects Blue Wrench Video Widget: from n/a through = 2.1.0...
CVE-2025-23809
CVE-2025-23809 describes a Reflected XSS in the NotFound Blue Wrench Video Widget (affecting Blue Wrench Video Widget: from n/a through 2.1.0). The vulnerability arises from improper neutralization of input during web page generation. CVSS v3.1 vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L with bas...