5 matches found
Broadstreet WordPress plugin - Reflected XSS
Broadstreet WordPress plugin 1.51.8 contains a reflected XSS caused by unsanitised and unescaped parameter output, letting attackers execute scripts against high privilege users such as admin, exploit requires victim interaction. id: CVE-2025-4652 info: name: Broadstreet WordPress plugin -...
CVE-2025-4652
The Broadstreet WordPress plugin before 1.51.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress Broadstreet plugin < 1.51.8 - Reflected XSS vulnerability
Reflected XSS vulnerability discovered by Tommaso Gregori p1s1o in WordPress Plugin Broadstreet Ads versions 1.51.8...
CVE-2025-4652 Broadstreet < 1.51.8 - Reflected XSS
The Broadstreet WordPress plugin before 1.51.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2025-4652 Broadstreet < 1.51.8 - Reflected XSS
The Broadstreet WordPress plugin before 1.51.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...