2 matches found
WordPress Drop Caps plugin <= 2.1 - CSRF to XSS vulnerability
CSRF to XSS vulnerability discovered by johska in WordPress Plugin Drop Caps versions = 2.1...
CVE-2025-46495
Summary: CVE-2025-46495 describes a Cross-Site Request Forgery (CSRF) that enables Stored XSS in the WordPress Drop Caps plugin (versions n/a through 2.1). Affected product/versions (as provided): Drop Caps plugin for WordPress, affected up to and including version 2.1; version range starting at ...