exploitDog

CVE-2025-26768

Опубликовано: 16 фев. 2025

Источник: nvd

CVSS3: 7.1

EPSS Низкий

Описание

Cross-Site Request Forgery (CSRF) vulnerability in what3words what3words Address Field allows Stored XSS. This issue affects what3words Address Field: from n/a through 4.0.15.

Ссылки

https://patchstack.com/database/wordpress/plugin/3-word-address-validation-field/vulnerability/wordpress-what3words-address-field-plugin-4-0-15-csrf-to-stored-xss-vulnerability?_s_id=cve

EPSS

Процентиль: 14%

0.00046

Низкий

7.1 High

CVSS3

Дефекты

CWE-352

Связанные уязвимости

GHSA-f3q3-qf9q-v7v4

CVSS3: 7.1

github

12 месяцев назад

Cross-Site Request Forgery (CSRF) vulnerability in what3words what3words Address Field allows Stored XSS. This issue affects what3words Address Field: from n/a through 4.0.15.

EPSS

Процентиль: 14%

0.00046

Низкий

7.1 High

CVSS3

Дефекты

CWE-352