3 matches found
CVE-2025-2889
creationtimestamp| type| source ---|---|--- 2025-04-04 23:37:41+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/10580 2025-04-05 01:06:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3llzqj6qz4f2i 2025-04-05 04:53:25+00:00| seen|...
CVE-2025-2889 Link Library <= 7.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Link Additional Parameters
The Link Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Link Additional Parameters in all versions up to, and including, 7.7.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
WordPress Link Library plugin <= 7.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Link Additional Parameters vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Link Additional Parameters vulnerability discovered by siavashvafshar in WordPress Plugin Link Library versions = 7.7.3...