Lucene search
K

5 matches found

NVD
NVD
added 2025/05/15 8:16 p.m.9 views

CVE-2025-1454

The Ninja Pages WordPress plugin through 1.4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.4CVSS0.00209EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/15 8:7 p.m.4 views

CVE-2025-1454 Ninja Pages <= 1.4.2 - Admin+ Stored XSS

The Ninja Pages WordPress plugin through 1.4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.8AI score0.00209EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/15 8:7 p.m.12 views

CVE-2025-1454 Ninja Pages <= 1.4.2 - Admin+ Stored XSS

The Ninja Pages WordPress plugin through 1.4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

0.00209EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 8:7 p.m.45 views

CVE-2025-1454

CVE-2025-1454 refers to the WordPress Ninja Pages plugin (versions

5.4CVSS7.8AI score0.00209EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/15 12:0 a.m.4 views

PT-2025-21564 · WordPress · Ninja Pages

Name of the Vulnerable Software and Affected Versions: Ninja Pages plugin for WordPress versions 1.4.2 and earlier Description: The issue concerns the Ninja Pages WordPress plugin, which does not properly sanitize and escape some of its settings. This could allow high-privilege users, such as...

5.4CVSS8AI score0.00209EPSS
Exploits1References4
Rows per page
Query Builder