4 matches found
CVE-2025-28860
Cross-Site Request Forgery CSRF vulnerability in PPDPurveyor Google News Editors Picks Feed Generator google-news-editors-picks-news-feeds allows Stored XSS.This issue affects Google News Editors Picks Feed Generator: from n/a through = 2.1...
CVE-2025-28860
Cross-Site Request Forgery CSRF vulnerability in PPDPurveyor Google News Editors Picks Feed Generator google-news-editors-picks-news-feeds allows Stored XSS.This issue affects Google News Editors Picks Feed Generator: from n/a through = 2.1...
CVE-2025-28860 WordPress Google News Editors Picks Feed Generator plugin <= 2.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in PPDPurveyor Google News Editors Picks Feed Generator google-news-editors-picks-news-feeds allows Stored XSS.This issue affects Google News Editors Picks Feed Generator: from n/a through = 2.1...
CVE-2025-28860
CVE-2025-28860 – Google News Editors Picks Feed Generator is a CSRF-to-Stored XSS vulnerability affecting the WordPress plugin Google News Editors Picks Feed Generator (versions up to 2.1). The issue arises from insufficient validation of requests, enabling a CSRF attacker to trigger stored XSS w...