CVE-2025-47446
- EPSS 0.05%
- Veröffentlicht 07.05.2025 14:19:33
- Zuletzt bearbeitet 15.04.2026 00:35:42
Cross-Site Request Forgery (CSRF) vulnerability in listamester Listamester listamester allows Cross Site Request Forgery.This issue affects Listamester: from n/a through <= 2.3.6.
CVE-2025-30813
- EPSS 0.14%
- Veröffentlicht 27.03.2025 10:55:02
- Zuletzt bearbeitet 15.04.2026 00:35:42
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in listamester Listamester listamester allows Stored XSS.This issue affects Listamester: from n/a through <= 2.3.5.
CVE-2025-24678
- EPSS 0.06%
- Veröffentlicht 24.01.2025 18:15:41
- Zuletzt bearbeitet 15.04.2026 00:35:42
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in listamester Listamester listamester allows Stored XSS.This issue affects Listamester: from n/a through <= 2.3.4.
CVE-2024-13659
- EPSS 0.16%
- Veröffentlicht 24.01.2025 06:15:26
- Zuletzt bearbeitet 08.04.2026 18:20:11
The Listamester plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'listamester' shortcode in all versions up to, and including, 2.3.4 due to insufficient input sanitization and output escaping on user supplied attribu...