4 matches found
CVE-2025-49453
Cross-Site Request Forgery CSRF vulnerability in Jatinder Pal Singh BP Profile as Homepage bp-profile-as-homepage allows Stored XSS.This issue affects BP Profile as Homepage: from n/a through = 1.1...
CVE-2025-49453 WordPress BP Profile as Homepage plugin <= 1.1 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in Jatinder Pal Singh BP Profile as Homepage allows Stored XSS. This issue affects BP Profile as Homepage: from n/a through 1.1...
CVE-2025-49453 WordPress BP Profile as Homepage plugin <= 1.1 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in Jatinder Pal Singh BP Profile as Homepage bp-profile-as-homepage allows Stored XSS.This issue affects BP Profile as Homepage: from n/a through = 1.1...
CVE-2025-49453
CVE-2025-49453 is a CSRF-to-Stored XSS vulnerability in the BP Profile as Homepage WordPress plugin. The connected Red Hat and vulnerability record confirm the issue affects BP Profile as Homepage up to version 1.1, with CVSSv3.1 base score 7.1 (HIGH) and a network attack vector requiring user in...