2 matches found
CVE-2025-25072 WordPress WP Admin Custom Page plugin <= 1.5.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in thunderbax WP Admin Custom Page wp-admin-custom-page allows Stored XSS.This issue affects WP Admin Custom Page: from n/a through = 1.5.0...
CVE-2025-25072
CVE-2025-25072 concerns the WP Admin Custom Page plugin (WordPress) with a CSRF to Stored XSS vulnerability affecting versions up to 1.5.0. The connected documents confirm the affected software and root cause (CSRF enabling stored XSS) but do not provide a confirmed fixed version in the supplied ...