Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/03/14 3:44 p.m.11 views

CVE-2025-28906

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Thiago S.F. Skitter Slideshow wp-skitter-slideshow allows Stored XSS.This issue affects Skitter Slideshow: from n/a through = 2.5.2...

5.9CVSS7.2AI score0.00492EPSS
Exploits0References1
NVD
NVD
added 2025/03/11 9:15 p.m.7 views

CVE-2025-28906

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Thiago S.F. Skitter Slideshow wp-skitter-slideshow allows Stored XSS.This issue affects Skitter Slideshow: from n/a through = 2.5.2...

5.9CVSS0.00492EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/11 9:0 p.m.21 views

CVE-2025-28906 WordPress Skitter Slideshow plugin <= 2.5.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Thiago S.F. Skitter Slideshow wp-skitter-slideshow allows Stored XSS.This issue affects Skitter Slideshow: from n/a through = 2.5.2...

5.9CVSS0.00492EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/11 9:0 p.m.8 views

CVE-2025-28906 WordPress Skitter Slideshow plugin <= 2.5.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Thiago S.F. Skitter Slideshow wp-skitter-slideshow allows Stored XSS.This issue affects Skitter Slideshow: from n/a through = 2.5.2...

5.9CVSS7.2AI score0.00492EPSS
Exploits0References1
CVE
CVE
added 2025/03/11 9:0 p.m.77 views

CVE-2025-28906

CVE-2025-28906 concerns the WordPress plugin Skitter Slideshow (versions up to and including 2.5.2). The issue is a Stored XSS caused by insufficient input sanitization and output escaping. Exploitation requires authenticated administrator+ access, enabling injection of stored scripts that could ...

5.9CVSS7.2AI score0.00492EPSS
Exploits0References1
Rows per page
Query Builder