CVE-2025-13853

The Nearby Now Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'datatech' parameter of the nn-tech shortcode in all versions up to, and including, 5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

CVE-2025-13853

The Nearby Now Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'datatech' parameter of the nn-tech shortcode in all versions up to, and including, 5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

CVE-2025-13853

CVE-2025-13853 affects Nearby Now Reviews (WordPress plugin) and is an authenticated Stored XSS in the nn-tech shortcode via the data_tech parameter, impacting all versions up to 5.2. The flaw arises from insufficient input sanitization and output escaping, enabling an attacker with Contributor+ ...

PT-2026-1717

Name of the Vulnerable Software and Affected Versions Nearby Now Reviews plugin for WordPress versions up to and including 5.2 Description The Nearby Now Reviews plugin for WordPress is susceptible to Stored Cross-Site Scripting through the data tech parameter of the nn-tech shortcode. Insufficie...

WordPress plugin Nearby Now Reviews 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...