3 matches found
CVE-2025-4099
creationtimestamp| type| source ---|---|--- 2025-05-01 05:14:25+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14236 2025-05-01 05:56:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lo3mslbkuk2k 2025-05-01 08:58:36+00:00| seen|...
CVE-2025-4099
CVE-2025-4099 : WordPress List Children plugin (versions ≤ 2.1) is vulnerable to Stored XSS via the plugin shortcode “list_children” due to insufficient input sanitization and output escaping. Exploitation requires authenticated access at contributor level or higher and can inject scripts execute...
WordPress List Children plugin <= 2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by muhammad yudha in WordPress Plugin List Children versions = 2.1...