2 matches found
CVE-2025-28936
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sakurapixel Lunar lunar-sell-photos-online allows Stored XSS.This issue affects Lunar: from n/a through = 1.3.0...
CVE-2025-28936
CVE-2025-28936 affects the WordPress plugin Lunar (Lunar – Sell photos online). The issue is a stored XSS caused by improper input neutralization during web page generation, affecting Lunar versions up to 1.3.0. The connected resources confirm the vulnerability title/description and affected vers...