5 matches found
CVE-2025-23777
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in willowsconsulting GDPR Personal Data Reports gdpr-personal-data-reports allows Stored XSS.This issue affects GDPR Personal Data Reports: from n/a through = 1.0.5...
PT-2025-44939
Name of the Vulnerable Software and Affected Versions All in One Time Clock Lite versions up to and including 2.0.3 Description The plugin exhibits unauthorized access due to a missing authorization check. Admin-level AJAX actions are exposed to unauthenticated users through wp ajax nopriv hooks,...
CVE-2025-23777 WordPress GDPR Personal Data Reports Plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in willowsconsulting GDPR Personal Data Reports gdpr-personal-data-reports allows Stored XSS.This issue affects GDPR Personal Data Reports: from n/a through = 1.0.5...
CVE-2025-23777 WordPress GDPR Personal Data Reports Plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in willowsconsulting GDPR Personal Data Reports gdpr-personal-data-reports allows Stored XSS.This issue affects GDPR Personal Data Reports: from n/a through = 1.0.5...
CVE-2025-23777
CVE-2025-23777 is an stored XSS in GDPR Personal Data Reports (Willows Consulting Ltd.). The affected product is GDPR Personal Data Reports (versions up to 1.0.5, n/a through 1.0.5). Root cause is improper neutralization of input during web page generation, enabling stored cross-site scripting. C...