Lucene search
K

5 matches found

Circl
Circl
added 2025/05/29 6:26 a.m.20 views

CVE-2025-4583

creationtimestamp| type| source ---|---|--- 2025-05-29 06:26:44+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqc3juctenz2 2025-05-29 09:41:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqcghjclxc2r...

5.4CVSS7AI score0.00188EPSS
Exploits0References2
NVD
NVD
added 2025/05/29 5:15 a.m.9 views

CVE-2025-4583

The Smash Balloon Social Photo Feed – Easy Social Feeds Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-plugin attribute in all versions up to, and including, 6.9.0 Free and 6.8.0 Pro due to insufficient input sanitization and output escaping. This makes it...

5.4CVSS0.00188EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/05/29 4:23 a.m.12 views

CVE-2025-4583 Smash Balloon Instagram Feed <= 6.9.0 (Free) & <= 6.8.0 (Pro) - Authenticated (Contributor+) Stored Cross-Site Scripting via `data-plugin` Attribute

The Smash Balloon Social Photo Feed – Easy Social Feeds Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-plugin attribute in all versions up to, and including, 6.9.0 Free and 6.8.0 Pro due to insufficient input sanitization and output escaping. This makes it...

5.4CVSS6AI score0.00188EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/29 4:23 a.m.15 views

CVE-2025-4583 Smash Balloon Instagram Feed <= 6.9.0 (Free) & <= 6.8.0 (Pro) - Authenticated (Contributor+) Stored Cross-Site Scripting via `data-plugin` Attribute

The Smash Balloon Social Photo Feed – Easy Social Feeds Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-plugin attribute in all versions up to, and including, 6.9.0 Free and 6.8.0 Pro due to insufficient input sanitization and output escaping. This makes it...

5.4CVSS0.00188EPSS
Exploits0References2
CVE
CVE
added 2025/05/29 4:23 a.m.103 views

CVE-2025-4583

CVE-2025-4583 affects the Smash Balloon Social Photo Feed – Easy Social Feeds Plugin for WordPress. The vulnerability is a Stored Cross-Site Scripting flaw in the data-plugin attribute present in all versions up to 6.9.0, exploitable by authenticated attackers with Contributor-level access and ab...

5.4CVSS5.9AI score0.00188EPSS
Exploits0References2
Rows per page
Query Builder