Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 6:16 a.m.8 views

CVE-2025-2929

The Order Delivery Date WordPress plugin before 12.4.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6.1AI score0.00218EPSS
Exploits1References1
NVD
NVD
added 2025/05/20 6:15 a.m.16 views

CVE-2025-2929

The Order Delivery Date WordPress plugin before 12.4.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS0.00218EPSS
Exploits1References1
CVE
CVE
added 2025/05/20 6:0 a.m.48 views

CVE-2025-2929

The CVE-2025-2929 entry concerns WordPress plugin Order Delivery Date for WP e-Commerce (pre-12.4.0). The issue is a Reflected Cross-Site Scripting vulnerability caused by insufficient sanitisation/escaping of a parameter before echoing it on a page, with potential impact against high-privilege u...

7.1CVSS6.1AI score0.00218EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/20 6:0 a.m.11 views

CVE-2025-2929 Order Delivery Date Pro for WooCommerce < 12.4.0 - Reflected XSS

The Order Delivery Date WordPress plugin before 12.4.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.5AI score0.00218EPSS
Exploits1References1
Rows per page
Query Builder