4 matches found
CVE-2025-12710 Pet-Manager – Petfinder <= 3.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via kwm-petfinder Shortcode
The Pet-Manager – Petfinder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the kwm-petfinder shortcode in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...
CVE-2025-12710
CVE-2025-12710 affects the WordPress plugin Pet-Manager – Petfinder (tier-management-petfinder) up to version 3.6.1. It is a Stored Cross‑Site Scripting vulnerability via the kwm-petfinder shortcode caused by insufficient input sanitization and output escaping of user-supplied attributes. Exploit...
WordPress plugin Pet-Manager 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
WordPress Pet-Manager – Petfinder plugin <= 3.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via kwm-petfinder Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via kwm-petfinder Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Pet-Manager – Petfinder versions = 3.6.1...