2 matches found
CVE-2025-2510
creationtimestamp| type| source ---|---|--- 2025-03-25 09:24:24+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8635 2025-03-25 10:54:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ll747p2pqt2s 2025-03-25 11:08:04+00:00| seen| https://t.me/cvedetector/21076...
CVE-2025-2510 Frndzk Expandable Bottom Bar <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via text Parameter
The Frndzk Expandable Bottom Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'text' parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-leve...