Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/06/23 8:41 a.m.17 views

CVE-2025-4955

The tarteaucitron.io WordPress plugin before 1.9.5 uses query parameters from YouTube oEmbed URLs without sanitizing these parameters correctly, which could allow users with the contributor role and above to perform Stored Cross-site Scripting attacks...

4.7CVSS6.6AI score0.0032EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/06/18 8:8 a.m.7 views

WordPress tarteaucitron.io plugin < 1.9.5 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Pierre Rudloff in WordPress Plugin tarteaucitron.js – Cookies legislation & GDPR versions 1.9.5...

4.7CVSS5.9AI score0.0032EPSS
Exploits1References1Affected Software1
Circl
Circl
added 2025/06/18 7:58 a.m.17 views

CVE-2025-4955

creationtimestamp| type| source ---|---|--- 2025-06-18 07:58:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrujyp4dhw2o...

4.7CVSS6.7AI score0.0032EPSS
Exploits1References1
NVD
NVD
added 2025/06/18 6:15 a.m.7 views

CVE-2025-4955

The tarteaucitron.io WordPress plugin before 1.9.5 uses query parameters from YouTube oEmbed URLs without sanitizing these parameters correctly, which could allow users with the contributor role and above to perform Stored Cross-site Scripting attacks...

4.7CVSS0.0032EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/06/18 6:0 a.m.17 views

CVE-2025-4955 tarteaucitron.io < 1.9.5 - Contributor+ Stored XSS

The tarteaucitron.io WordPress plugin before 1.9.5 uses query parameters from YouTube oEmbed URLs without sanitizing these parameters correctly, which could allow users with the contributor role and above to perform Stored Cross-site Scripting attacks...

0.0032EPSS
Exploits1References1
Rows per page
Query Builder