Lucene search
K

4 matches found

NVD
NVD
added 2025/04/24 9:15 a.m.14 views

CVE-2025-2543

The Advanced Accordion Gutenberg Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-lev...

6.4CVSS0.00265EPSS
Exploits0References6
Circl
Circl
added 2025/04/24 9:12 a.m.9 views

CVE-2025-2543

creationtimestamp| type| source ---|---|--- 2025-04-24 09:12:20+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13206 2025-04-24 13:03:54+00:00| seen| https://t.me/cvedetector/23666 2025-04-24 14:19:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnkvnu3mu724...

6.4CVSS8.7AI score0.00265EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/24 8:23 a.m.19 views

CVE-2025-2543 Advanced Accordion Gutenberg Block <= 5.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload

The Advanced Accordion Gutenberg Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-lev...

6.4CVSS0.00265EPSS
Exploits0References6
Patchstack
Patchstack
added 2025/04/23 9:11 p.m.7 views

WordPress Advanced Accordion Gutenberg Block plugin <= 5.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability

Authenticated Author+ Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by Avraham Shemesh in WordPress Plugin Advanced Accordion Gutenberg Block versions = 5.0.2...

6.4CVSS6.3AI score0.00265EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder