4 matches found
CVE-2025-11769
The WordPress Content Flipper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bgcolor' shortcode attribute of the 'flipperfront' shortcode in all versions up to, and including, 0.1. This is due to insufficient input sanitization and output escaping. This makes it possib...
CVE-2025-11769
The WordPress Content Flipper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bgcolor' shortcode attribute of the 'flipperfront' shortcode in all versions up to, and including, 0.1. This is due to insufficient input sanitization and output escaping. This makes it possib...
CVE-2025-11769 WordPress Content Flipper <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The WordPress Content Flipper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bgcolor' shortcode attribute of the 'flipperfront' shortcode in all versions up to, and including, 0.1. This is due to insufficient input sanitization and output escaping. This makes it possib...
PT-2025-46792
Name of the Vulnerable Software and Affected Versions WordPress Content Flipper plugin versions up to and including 0.1 Description The WordPress Content Flipper plugin is susceptible to Stored Cross-Site Scripting. This is due to inadequate input sanitization and output escaping in the 'bgcolor'...