3 matches found
CVE-2025-4595
creationtimestamp| type| source ---|---|--- 2025-05-31 07:11:57+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqh6zaibdj42...
CVE-2025-4595 FastSpring <= 3.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The FastSpring plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fastspring/block-fastspringblocks-complete-product-catalog' block in all versions up to, and including, 3.0.1 due to insufficient input sanitization and output escaping on the 'color' attribute. Thi...
WordPress FastSpring plugin <= 3.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Chuck in WordPress Plugin FastSpring versions = 3.0.1...