3 matches found
CVE-2025-5096
The TablePress plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the 'data-caption', 'data-s-content-padding', 'data-s-title', and 'data-footer' data-attributes in all versions up to, and including, 3.1.2 due to insufficient input sanitization and output escaping. Th...
CVE-2025-5096
creationtimestamp| type| source ---|---|--- 2025-05-23 08:48:25+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17374 2025-05-23 11:32:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lptjtufuye2s...
WordPress TablePress plugin <= 3.1.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Multiple Parameters vulnerability
Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting via Multiple Parameters vulnerability discovered by Asaf Mozes in WordPress Plugin TablePress versions = 3.1.2...