4 matches found
CVE-2025-2543
The Advanced Accordion Gutenberg Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-lev...
CVE-2025-2543
creationtimestamp| type| source ---|---|--- 2025-04-24 09:12:20+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13206 2025-04-24 13:03:54+00:00| seen| https://t.me/cvedetector/23666 2025-04-24 14:19:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnkvnu3mu724...
CVE-2025-2543 Advanced Accordion Gutenberg Block <= 5.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
The Advanced Accordion Gutenberg Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-lev...
WordPress Advanced Accordion Gutenberg Block plugin <= 5.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability
Authenticated Author+ Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by Avraham Shemesh in WordPress Plugin Advanced Accordion Gutenberg Block versions = 5.0.2...