Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/03/13 10:2 p.m.6 views

CVE-2025-28905

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chaser324 Featured Posts Grid featured-posts-grid allows Stored XSS.This issue affects Featured Posts Grid: from n/a through = 1.7...

7.1CVSS7.2AI score0.00268EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/11 9:0 p.m.18 views

CVE-2025-28905 WordPress Featured Posts Grid plugin <= 1.7 - CSRF to Stored XSS vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chaser324 Featured Posts Grid featured-posts-grid allows Stored XSS.This issue affects Featured Posts Grid: from n/a through = 1.7...

7.1CVSS0.00268EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/11 9:0 p.m.6 views

CVE-2025-28905 WordPress Featured Posts Grid plugin <= 1.7 - CSRF to Stored XSS vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chaser324 Featured Posts Grid featured-posts-grid allows Stored XSS.This issue affects Featured Posts Grid: from n/a through = 1.7...

7.1CVSS8.6AI score0.00268EPSS
Exploits0References1
CVE
CVE
added 2025/03/11 9:0 p.m.51 views

CVE-2025-28905

CVE-2025-28905 relates to the WordPress plugin Featured Posts Grid (versions at or below 1.7). The connected docs confirm an improper handling of input during web page generation, enabling a CSRF to Stored XSS chain. The CVSS 3.1 base metrics (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L) indicate network...

7.1CVSS7.2AI score0.00268EPSS
Exploits0References1
Rows per page
Query Builder