Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/12/13 3:59 a.m.4 views

CVE-2025-13969

The Reviews Sorted plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'space' parameter of the reviews-slider shortcode in all versions up to, and including, 2.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

6.4CVSS5.1AI score0.0031EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/12 6:31 a.m.6 views

EUVD-2025-202987

The Reviews Sorted plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'space' parameter of the reviews-slider shortcode in all versions up to, and including, 2.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

6.4CVSS4.7AI score0.0031EPSS
Exploits0References12
NVD
NVD
added 2025/12/12 4:15 a.m.16 views

CVE-2025-13969

The Reviews Sorted plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'space' parameter of the reviews-slider shortcode in all versions up to, and including, 2.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

6.4CVSS0.0031EPSS
Exploits0References11
CVE
CVE
added 2025/12/12 3:20 a.m.23 views

CVE-2025-13969

CVE-2025-13969 is a stored XSS in the Reviews Sorted WordPress plugin. Affected: Reviews Sorted plugin for WordPress, specifically the [reviews-slider] shortcode’s space parameter. Impact: authenticated attackers with Contributor-level access or higher can inject scripts that run in pages viewed ...

6.4CVSS4.8AI score0.0031EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.6 views

PT-2025-50837

The Reviews Sorted plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'space' parameter of the reviews-slider shortcode in all versions up to, and including, 2.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

6.4CVSS5.1AI score0.0031EPSS
Exploits0References12
Rows per page
Query Builder