3 matches found
CVE-2025-5926
creationtimestamp| type| source ---|---|--- 2025-06-13 02:34:08+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18252 2025-06-13 05:07:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrho5kcgi52a...
CVE-2025-5926
The CVE-2025-5926 entry concerns the Link Shield WordPress plugin. Connected sources confirm a Cross-Site Request Forgery weakness due to missing nonce validation in link_shield_menu_options(), enabling unauthenticated requests to update settings and inject stored scripts. Affected versions are u...
CVE-2025-5926 Link Shield <= 0.5.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Link Shield plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.5.4. This is due to missing or incorrect nonce validation on the linkshieldmenuoptions function. This makes it possible for unauthenticated attackers to update settings and...