8 matches found
EUVD-2025-60931
The Jeba Cute forkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' parameter in the 'jebaforkit' shortcode in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2025-12663
The Jeba Cute forkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' parameter in the 'jebaforkit' shortcode in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2025-12663 Jeba Cute forkit <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Jeba Cute forkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' parameter in the 'jebaforkit' shortcode in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2025-12663
CVE-2025-12663 (Jeba Cute forkit WordPress plugin) is a Stored Cross-Site Scripting vulnerability in the jeba_forkit shortcode. The issue stems from insufficient input sanitization and output escaping of the text attribute, affecting all versions up to 1.0. Exploitation requires authenticated acc...
CVE-2025-12663 Jeba Cute forkit <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Jeba Cute forkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' parameter in the 'jebaforkit' shortcode in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
WordPress plugin Jeba Cute forkit 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
PT-2025-46288
Name of the Vulnerable Software and Affected Versions Jeba Cute forkit plugin for WordPress versions prior to 1.1 Description The Jeba Cute forkit plugin for WordPress is susceptible to Stored Cross-Site Scripting. The issue stems from inadequate input sanitization and output escaping of...
WordPress Jeba Cute forkit plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by zakaria in WordPress Plugin Jeba Cute forkit versions = 1.0...