3 matches found
WordPress Script Compressor plugin <= 1.7.1 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by johska in WordPress Plugin Script Compressor versions = 1.7.1...
CVE-2025-31391 WordPress Script Compressor plugin <= 1.7.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in regen Script Compressor script-compressor allows Stored XSS.This issue affects Script Compressor: from n/a through = 1.7.1...
CVE-2025-31391
CVE-2025-31391 corresponds to a CSRF-triggered Stored XSS in the WordPress plugin “Script Compressor.” Public docs indicate the affected product is Script Compressor (versions up to 1.7.1 as per initial description) and that the underlying issue combines Cross-Site Request Forgery with stored XSS...