4 matches found
CVE-2025-5753
The Valuation Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link’ parameter in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2025-5753
creationtimestamp| type| source ---|---|--- 2025-07-23 06:43:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lumg5j5e5v2w...
CVE-2025-5753
CVE-2025-5753 : The WordPress plug‑in “Valuation Calculator” (Commercial Real Estate Valuation Calculator) is vulnerable to Stored Cross‑Site Scripting via the “link” parameter in all versions up to and including 1.3.2. An authenticated attacker with Contributor‑level access can inject scripts th...
WordPress Valuation Calculator plugin <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via link Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via link Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Valuation Calculator versions = 1.3.2...