CVE-2025-48252 WordPress Back Button Widget <= 1.6.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Back Button Widget allows Stored XSS. This issue affects Back Button Widget: from n/a through 1.6.8...

PT-2024-26590 · WordPress · Xabier Miranda Wp Back Button

Name of the Vulnerable Software and Affected Versions: Xabier Miranda WP Back Button versions 1.1.3 and earlier Description: The issue is a Cross Site Scripting XSS vulnerability, specifically a Stored XSS, in Xabier Miranda WP Back Button. This allows an attacker to inject malicious scripts into...

WordPress WP Back Button Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software WP Back Button Type Plugin Vulnerable versions = 1.1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35643 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 90452d019b78 Credits alfido osdie Patchstack Alliance Required...