3 matches found
CVE-2025-4055
creationtimestamp| type| source ---|---|--- 2025-05-07 02:21:34+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15241 2025-05-07 04:26:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lokkl32jpy2o 2025-05-07 07:12:44+00:00| seen| https://t.me/cvedetector/24662...
CVE-2025-4055
CVE-2025-4055 affects the WordPress plugin Multiple Post Type Order (versions up to and including 1.10.0). It is a Stored Cross-Site Scripting flaw in the mpto shortcode caused by insufficient input sanitization and output escaping of user-supplied attributes. Exploitation requires authenticated ...
WordPress Multiple Post Type Order plugin <= 1.10.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via mpto Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via mpto Shortcode vulnerability discovered by Gilang in WordPress Plugin Multiple Post Type Order versions = 1.10.0...