2 matches found
CVE-2025-28922 WordPress Go To Top plugin <= 0.0.8 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in Terence D. Go To Top go-to-top allows Stored XSS.This issue affects Go To Top: from n/a through = 0.0.8...
CVE-2025-28922
CVE-2025-28922 describes a CSRF to Stored XSS vulnerability in the WordPress Go To Top plugin (affected: versions up to 0.0.8). The issue arises from CSRF handling that enables stored cross-site scripting when a victim visits a crafted page or executes a forged request. Connected sources confirm ...