5 matches found
CVE-2025-11885
The EchBay Admin Security plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ebnonce' parameter in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitra...
EUVD-2025-198397
The EchBay Admin Security plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ebnonce' parameter in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitra...
CVE-2025-11885
CVE-2025-11885 : WordPress EchBay Admin Security plugin suffers a Reflected XSS via the _ebnonce parameter in versions up to 1.3.0 due to insufficient input sanitization and output escaping. Unauthenticated attackers could entice a user to perform an action (e.g., click a link) and have arbitrary...
CVE-2025-11885 EchBay Admin Security <= 1.3.0 - Reflected Cross-Site Scripting
The EchBay Admin Security plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ebnonce' parameter in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitra...
PT-2025-47688
The EchBay Admin Security plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ' ebnonce' parameter in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...