4 matches found
WordPress Business Contact Widget plugin <= 2.7.0 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Business Contact Widget versions = 2.7.0...
CVE-2025-46529
CVE-2025-46529 describes a stored XSS in the StressFree Sites Business Contact Widget (WordPress plugin) caused by improper input neutralization during web page generation. Affected versions are n/a through 2.7.0. Mitigation: upgrade the widget to a version later than 2.7.0 (exact fixed version n...
CVE-2025-46529 WordPress Business Contact Widget plugin <= 2.7.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StressFree Sites Business Contact Widget business-contact-widget allows Stored XSS.This issue affects Business Contact Widget: from n/a through = 2.7.0...
CVE-2025-46529 WordPress Business Contact Widget plugin <= 2.7.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StressFree Sites Business Contact Widget business-contact-widget allows Stored XSS.This issue affects Business Contact Widget: from n/a through = 2.7.0...