2 matches found
CVE-2025-2874
The User Submitted Posts – Enable Users to Submit Posts from the Front End plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 20240319 due to insufficient input sanitization and output escaping. This makes it possible for...
WordPress User Submitted Posts plugin <= 20241026 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability
Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Quang Bach maysbachs in WordPress Plugin User Submitted Posts versions = 20241026...