CVE-2025-31020 WordPress Simple Spoiler plugin <= 1.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Webliberty Simple Spoiler simple-spoiler allows Stored XSS.This issue affects Simple Spoiler: from n/a through = 1.4...

CVE-2025-31020

CVE-2025-31020 – Stored XSS in Simple Spoiler (WordPress plugin) . The vulnerability arises from improper input neutralization during web page generation, enabling stored cross-site scripting when users submit content that is rendered by the Simple Spoiler plugin. Affected software is listed as S...

CVE-2025-31020 WordPress Simple Spoiler plugin <= 1.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Webliberty Simple Spoiler simple-spoiler allows Stored XSS.This issue affects Simple Spoiler: from n/a through = 1.4...

WordPress Simple Spoiler Plugin <= 1.3 is vulnerable to Broken Access Control

Software Simple Spoiler Type Plugin Vulnerable versions = 1.3 Fixed in 1.4 OWASP Top 10 A3: Injection Classification Broken Access Control CVE CVE-2024-8479 Patch priority Medium CVSS severity Medium 7.3 Developer Claim ownership PSID 5815e2232ebe Credits Francesco Carlucci Required privilege...

WordPress Simple Spoiler Plugin <= 1.2 is vulnerable to Cross Site Scripting (XSS)

Software Simple Spoiler Type Plugin Vulnerable versions = 1.2 Fixed in 1.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35639 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c046b9bc81be Credits Cronus Required privilege Administrator...