CVE-2025-8686

CVE-2025-8686 details from the provided documents: The WordPress plugin WP Easy FAQs (WP Easy FAQs) is vulnerable to Stored Cross-Site Scripting (Stored XSS) via the WP_EASY_FAQ shortcode due to insufficient input sanitization and output escaping on user-supplied attributes. The flaw affects all ...

CVE-2022-1395

The Easy FAQ with Expanding Text WordPress plugin through 3.2.8.3.1 does not sanitise and escape its settings, allowing high privilege users to perform Cross-Site Scripting attacks when unfilteredhtml is disallowed...

CVE-2022-1395

The Easy FAQ with Expanding Text WordPress plugin through 3.2.8.3.1 does not sanitise and escape its settings, allowing high privilege users to perform Cross-Site Scripting attacks when unfilteredhtml is disallowed...

CVE-2022-1395

The Easy FAQ with Expanding Text WordPress plugin through 3.2.8.3.1 does not sanitise and escape its settings, allowing high privilege users to perform Cross-Site Scripting attacks when unfilteredhtml is disallowed...

Cross site scripting

The Easy FAQ with Expanding Text WordPress plugin through 3.2.8.3.1 does not sanitise and escape its settings, allowing high privilege users to perform Cross-Site Scripting attacks when unfilteredhtml is disallowed...

CVE-2022-1395

CVE-2022-1395 affects WordPress Easy FAQ with Expanding Text plugin (versions

CVE-2022-1395 Easy FAQ with Expanding Text <= 3.2.8.3.1 - Admin+ Stored Cross-Site Scripting

The Easy FAQ with Expanding Text WordPress plugin through 3.2.8.3.1 does not sanitise and escape its settings, allowing high privilege users to perform Cross-Site Scripting attacks when unfilteredhtml is disallowed...

WordPress plugin Easy FAQ with Expanding Text 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Easy FAQ with Expanding Text plugin 3.2.8.3.1 and earlier versions contain a cross-site scripting...