Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/12/13 3:59 a.m.4 views

CVE-2025-13969

The Reviews Sorted plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'space' parameter of the reviews-slider shortcode in all versions up to, and including, 2.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

6.4CVSS5.1AI score0.00298EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/12 6:31 a.m.3 views

EUVD-2025-202987

The Reviews Sorted plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'space' parameter of the reviews-slider shortcode in all versions up to, and including, 2.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

6.4CVSS4.7AI score0.00298EPSS
Exploits0References12
Vulnrichment
Vulnrichment
added 2025/12/12 3:20 a.m.2 views

CVE-2025-13969 Reviews Sorted <= 2.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'space' Shortcode Attribute

The Reviews Sorted plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'space' parameter of the reviews-slider shortcode in all versions up to, and including, 2.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

6.4CVSS4.8AI score0.00298EPSS
Exploits0References11
Cvelist
Cvelist
added 2025/12/12 3:20 a.m.25 views

CVE-2025-13969 Reviews Sorted <= 2.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'space' Shortcode Attribute

The Reviews Sorted plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'space' parameter of the reviews-slider shortcode in all versions up to, and including, 2.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

6.4CVSS0.00298EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.4 views

PT-2025-50837

The Reviews Sorted plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'space' parameter of the reviews-slider shortcode in all versions up to, and including, 2.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

6.4CVSS5.1AI score0.00298EPSS
Exploits0References12
CNNVD
CNNVD
added 2025/12/12 12:0 a.m.2 views

WordPress plugin Reviews Sorted 跨站脚本漏洞

...

6.4CVSS5.8AI score0.00298EPSS
Exploits0References11
Patchstack
Patchstack
added 2025/12/11 6:33 p.m.9 views

WordPress Reviews Sorted plugin <= 2.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'space' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'space' Shortcode Attribute vulnerability discovered by Gilang - DJ in WordPress Plugin Reviews Sorted versions = 2.4.2...

6.4CVSS5.6AI score0.00298EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder