Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/10/23 9:13 a.m.11 views

CVE-2025-11827

The Oboxmedia Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'beforewidget' and 'afterwidget' parameters of the oboxads-ad-widget shortcode in all versions up to, and including, 1.9.8. This is due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS5AI score0.00211EPSS
Exploits0References1
NVD
NVD
added 2025/10/22 9:15 a.m.7 views

CVE-2025-11827

The Oboxmedia Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'beforewidget' and 'afterwidget' parameters of the oboxads-ad-widget shortcode in all versions up to, and including, 1.9.8. This is due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS0.00211EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/22 8:27 a.m.7 views

CVE-2025-11827 Oboxmedia Ads <= 1.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Oboxmedia Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'beforewidget' and 'afterwidget' parameters of the oboxads-ad-widget shortcode in all versions up to, and including, 1.9.8. This is due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS4.8AI score0.00211EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/22 8:27 a.m.4 views

EUVD-2025-35321

The Oboxmedia Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'beforewidget' and 'afterwidget' parameters of the oboxads-ad-widget shortcode in all versions up to, and including, 1.9.8. This is due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS4.7AI score0.00211EPSS
Exploits0References4
CVE
CVE
added 2025/10/22 8:27 a.m.18 views

CVE-2025-11827

CVE-2025-11827 : The Oboxmedia Ads WordPress plugin is vulnerable to Stored Cross-Site Scripting via the oboxads-ad-widget shortcode, specifically through the before_widget and after_widget parameters in versions up to and including 1.9.8. The issue arises from insufficient input sanitization and...

6.4CVSS4.8AI score0.00211EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/22 8:27 a.m.12 views

CVE-2025-11827 Oboxmedia Ads <= 1.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Oboxmedia Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'beforewidget' and 'afterwidget' parameters of the oboxads-ad-widget shortcode in all versions up to, and including, 1.9.8. This is due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS0.00211EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.4 views

WordPress plugin Oboxmedia Ads 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin ... A cross-site...

6.4CVSS5.9AI score0.00211EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/10/21 11:59 p.m.7 views

WordPress Oboxmedia Ads plugin <= 1.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin Oboxmedia Ads versions = 1.9.8...

6.4CVSS5.7AI score0.00211EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder