3 matches found
CVE-2025-25156
Cross-Site Request Forgery CSRF vulnerability in Stanko Metodiev Quote Comments quote-comments allows Stored XSS.This issue affects Quote Comments: from n/a through = 3.0.0...
CVE-2025-25156
creationtimestamp| type| source ---|---|--- 2025-02-07 10:18:04+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhleqclt6h2q 2025-02-07 12:08:36+00:00| seen| https://t.me/cvedetector/17475 2025-02-07 12:53:55+00:00| seen|...
CVE-2025-25156
CVE-2025-25156 concerns WordPress Quote Comments plugin. The affected software is Quote Comments, version range up to 2.2.1 (vulnerable). The issue is a CSRF that enables Stored XSS, as described in the CVE description. The CVSS 3.1 base score is 7.1 (HIGH) with Network attack vector, requiring u...