CVE-2025-47446
- EPSS 0.08%
- Veröffentlicht 07.05.2025 14:19:33
- Zuletzt bearbeitet 08.05.2025 14:39:18
Cross-Site Request Forgery (CSRF) vulnerability in listamester Listamester allows Cross Site Request Forgery. This issue affects Listamester: from n/a through 2.3.6.
CVE-2025-30813
- EPSS 0.14%
- Veröffentlicht 27.03.2025 10:55:02
- Zuletzt bearbeitet 27.03.2025 16:45:12
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in listamester Listamester allows Stored XSS. This issue affects Listamester: from n/a through 2.3.5.
CVE-2025-24678
- EPSS 0.08%
- Veröffentlicht 24.01.2025 18:15:41
- Zuletzt bearbeitet 24.01.2025 18:15:41
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Listamester Listamester allows Stored XSS. This issue affects Listamester: from n/a through 2.3.4.
CVE-2024-13659
- EPSS 0.16%
- Veröffentlicht 24.01.2025 06:15:26
- Zuletzt bearbeitet 05.02.2025 17:40:49
The Listamester plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'listamester' shortcode in all versions up to, and including, 2.3.4 due to insufficient input sanitization and output escaping on user supplied attribu...