3 matches found
WordPress plugin Image Editor by Pixo 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin ... A cross-site scripting...
CVE-2025-5588
CVE-2025-5588 : The Image Editor by Pixo WordPress plugin is vulnerable to a Stored Cross-Site Scripting (Stored XSS) via the download parameter. Affected versions are up to and including 2.3.6. The issue arises from insufficient input sanitization and output escaping, enabling an authenticated a...
CVE-2025-5588 Image Editor by Pixo <= 2.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via download Parameter
The Image Editor by Pixo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘download’ parameter in all versions up to, and including, 2.3.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-leve...