exploitDog

CVE-2025-11560

Опубликовано: 12 нояб. 2025

Источник: nvd

CVSS3: 7.1

EPSS Низкий

Описание

The Team Members Showcase WordPress plugin before 3.5.0 does not sanitize and escape a parameter before outputting it back in the page, leading to reflected cross-site scripting, which could be used against high-privilege users such as admins.

Ссылки

https://wpscan.com/vulnerability/64d7a074-3f1d-4b09-8e96-d76b9fb3c41e/

EPSS

Процентиль: 14%

0.00045

Низкий

7.1 High

CVSS3

Дефекты

Связанные уязвимости

GHSA-xh54-v5gh-jq8v

CVSS3: 6.1

github

3 месяца назад

The Team Members Showcase WordPress plugin before 3.5.0 does not sanitize and escape a parameter before outputting it back in the page, leading to reflected cross-site scripting, which could be used against high-privilege users such as admins.

EPSS

Процентиль: 14%

0.00045

Низкий

7.1 High

CVSS3

Дефекты