4 matches found
CVE-2025-4579
The WP Content Security Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blocked-uri and effective-directive parameters in all versions up to, and including, 2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVE-2025-4579 WP Content Security Plugin <= 2.3 - Unauthenticated Stored Cross-Site Scripting via CSP-Report Fields
The WP Content Security Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blocked-uri and effective-directive parameters in all versions up to, and including, 2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVE-2025-4579
Summary (CVE-2025-4579) The WP Content Security Plugin for WordPress contains an unauthenticated Stored Cross-Site Scripting (Stored XSS) vulnerability via the blocked-uri and effective-directive CSP-report fields. Root cause: insufficient input sanitization and output escaping in versions up to ...
WordPress WP Content Security Plugin plugin <= 2.3 - Unauthenticated Stored Cross-Site Scripting via CSP-Report Fields vulnerability
Unauthenticated Stored Cross-Site Scripting via CSP-Report Fields vulnerability discovered by Nguyễn Trung Kiên in WordPress Plugin WP Content Security Plugin versions = 2.3...