exploitDog

CVE-2025-28901

Опубликовано: 11 мар. 2025

Источник: nvd

CVSS3: 7.1

EPSS Низкий

Описание

Cross-Site Request Forgery (CSRF) vulnerability in Naren Members page only for logged in users allows Stored XSS. This issue affects Members page only for logged in users: from n/a through 1.4.2.

Ссылки

https://patchstack.com/database/wordpress/plugin/members-page-only-for-logged-in-users/vulnerability/wordpress-members-page-only-for-logged-in-users-plugin-1-4-2-csrf-to-stored-xss-vulnerability?_s_id=cve

EPSS

Процентиль: 14%

0.00046

Низкий

7.1 High

CVSS3

Дефекты

CWE-352

Связанные уязвимости

GHSA-mwr9-w823-pvwp

CVSS3: 7.1

github

11 месяцев назад

Cross-Site Request Forgery (CSRF) vulnerability in Naren Members page only for logged in users allows Stored XSS. This issue affects Members page only for logged in users: from n/a through 1.4.2.

EPSS

Процентиль: 14%

0.00046

Низкий

7.1 High

CVSS3

Дефекты

CWE-352

Уязвимость CVE-2025-28901