2 matches found
CVE-2025-6540
CVE-2025-6540 relates to the WordPress plugin “web-cam” (versions up to 1.0). It is a Stored Cross-Site Scripting (Stored XSS) vulnerability via the slug parameter caused by insufficient input sanitization and output escaping. Exploitation requires at least Contributor-level authentication, and t...
WordPress web-cam plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via slug Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via slug Parameter vulnerability discovered by Gilang in WordPress Plugin web-cam versions = 1.0...