Lucene search
K

5 matches found

NVD
NVD
added 2025/08/01 5:15 a.m.9 views

CVE-2025-7725

The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, OpenAI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the comment feature in all versions up to, and including, 26.1.0 due to...

7.2CVSS0.00228EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/01 4:24 a.m.5 views

CVE-2025-7725 Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, OpenAI <= 26.1.0 - Unauthenticated Stored Cross-Site Scripting

The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, OpenAI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the comment feature in all versions up to, and including, 26.1.0 due to...

7.2CVSS6.2AI score0.00228EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/01 4:24 a.m.13 views

CVE-2025-7725 Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, OpenAI <= 26.1.0 - Unauthenticated Stored Cross-Site Scripting

The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, OpenAI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the comment feature in all versions up to, and including, 26.1.0 due to...

7.2CVSS0.00228EPSS
Exploits0References2
CVE
CVE
added 2025/08/01 4:24 a.m.27 views

CVE-2025-7725

CVE-2025-7725 affects the WordPress plugin “Contest Gallery – Upload, Vote & Sell with PayPal and Stripe” (and related Photo/Contest Gallery suite). The vulnerability is a Stored Cross-Site Scripting (XSS) in the comment feature present in all versions up to and including 26.1.0, caused by insuff...

7.2CVSS6.2AI score0.00228EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/07/31 9:57 p.m.6 views

WordPress Contest Gallery plugin <= 26.1.0 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by zer0gh0st in WordPress Plugin Contest Gallery versions = 26.1.0...

7.2CVSS5.5AI score0.00228EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder