CVE-2025-23884 WordPress Annie plugin <= 2.1.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Chris Roberts Annie annie allows Cross Site Request Forgery.This issue affects Annie: from n/a through = 2.1.1...

CVE-2025-23884

CVE-2025-23884 affects the Annie WordPress plugin. The Red Hat/NVD descriptions indicate a CSRF vulnerability that could lead to a stored XSS, impacting Annie versions up to 2.1.1. The CVSS base score is 7.1 (HIGH) with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L. No public exploit detail...

CVE-2025-23886

CVE-2025-23886 is an Improper Neutralization of Input During Web Page Generation (Stored XSS) affecting the WordPress plugin Annie by Chris Roberts. Affected range: Annie from n/a through 2.1.1. Public references describe the vulnerability as Stored XSS, not Exploitation details. Red Hat and Word...

CVE-2025-23886 WordPress Annie plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chris Roberts Annie annie allows Stored XSS.This issue affects Annie: from n/a through = 2.1.1...

CVE-2025-23886 WordPress Annie plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chris Roberts Annie annie allows Stored XSS.This issue affects Annie: from n/a through = 2.1.1...