Lucene search
+L

4 matches found

Patchstack
Patchstack
added 2025/04/24 5:27 p.m.8 views

WordPress Business Contact Widget plugin <= 2.7.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Business Contact Widget versions = 2.7.0...

5.9CVSS7.1AI score0.00199EPSS
Exploits0Affected Software1
CVE
CVE
added 2025/04/24 4:9 p.m.53 views

CVE-2025-46529

CVE-2025-46529 describes a stored XSS in the StressFree Sites Business Contact Widget (WordPress plugin) caused by improper input neutralization during web page generation. Affected versions are n/a through 2.7.0. Mitigation: upgrade the widget to a version later than 2.7.0 (exact fixed version n...

5.9CVSS7.2AI score0.00199EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/24 4:9 p.m.6 views

CVE-2025-46529 WordPress Business Contact Widget plugin <= 2.7.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StressFree Sites Business Contact Widget business-contact-widget allows Stored XSS.This issue affects Business Contact Widget: from n/a through = 2.7.0...

5.9CVSS8.6AI score0.00199EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/24 4:9 p.m.20 views

CVE-2025-46529 WordPress Business Contact Widget plugin <= 2.7.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StressFree Sites Business Contact Widget business-contact-widget allows Stored XSS.This issue affects Business Contact Widget: from n/a through = 2.7.0...

5.9CVSS0.00199EPSS
Exploits0References1
Rows per page
Query Builder