4 matches found
CVE-2025-39381
Cross-Site Request Forgery CSRF vulnerability in Kiotviet KiotViet Sync allows Stored XSS. This issue affects KiotViet Sync: from n/a through 1.8.4...
CVE-2025-39381 WordPress KiotViet Sync plugin <= 1.8.4 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in Kiotviet KiotViet Sync allows Stored XSS. This issue affects KiotViet Sync: from n/a through 1.8.4...
CVE-2025-39381
CVE-2025-39381 describes a CSRF to Stored XSS vulnerability in KiotViet Sync for WordPress, affecting KiotViet Sync versions up to 1.8.4. The issue is confirmed across multiple sources (NVD, Red Hat, CVE list), with a CVSS v3.1 base score of 7.1 (High). Public remediation in connected documents i...
WordPress KiotViet Sync plugin <= 1.8.5 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by Nguyen Xuan Chien Patchstack Alliance in WordPress Plugin KiotViet Sync versions = 1.8.5...