5 matches found
CVE-2025-23865
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pressfore Winning Portfolio winning-portfolio allows Stored XSS.This issue affects Winning Portfolio: from n/a through = 1.1...
CVE-2025-23865
creationtimestamp| type| source ---|---|--- 2025-01-16 21:18:29+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv7exvos32n...
CVE-2025-23865
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pressfore Winning Portfolio winning-portfolio allows Stored XSS.This issue affects Winning Portfolio: from n/a through = 1.1...
CVE-2025-23865
CVE-2025-23865 is a Stored XSS in the Winning Portfolio WordPress plugin caused by improper input neutralization during web page generation. Affected range is listed as up to version 1.1 (exact patched version not provided). Connected Red Hat and ENISA entries repeat the same description. No expl...
CVE-2025-23865 WordPress Winning Portfolio plugin <= 1.1 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pressfore Winning Portfolio winning-portfolio allows Stored XSS.This issue affects Winning Portfolio: from n/a through = 1.1...