Lucene search
+L

4 matches found

CVE
CVE
added 2025/04/15 9:53 p.m.45 views

CVE-2025-26934

CVE-2025-26934 is a Stored XSS in the WordPress Glossy Blog theme (versions up to 1.0.3). The vulnerability arises from improper input neutralization during web page generation, allowing attacker-supplied content to be stored and rendered on pages. Affected product: Glossy Blog (WordPress theme) ...

6.5CVSS6.9AI score0.00252EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/15 9:53 p.m.7 views

CVE-2025-26934 WordPress Glossy Blog theme <= 1.0.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in graphthemes Glossy Blog glossy-blog allows Stored XSS.This issue affects Glossy Blog: from n/a through = 1.0.3...

6.5CVSS7.2AI score0.00252EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/15 9:53 p.m.17 views

CVE-2025-26934 WordPress Glossy Blog theme <= 1.0.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in graphthemes Glossy Blog glossy-blog allows Stored XSS.This issue affects Glossy Blog: from n/a through = 1.0.3...

6.5CVSS0.00252EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/02 12:0 a.m.4 views

WordPress Glossy Blog Theme <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Glossy Blog Type Theme Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-26934 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID b4d593ddb83f Credits stealthcopter Required privilege...

6.5CVSS6.5AI score0.00252EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder