exploitDog

CVE-2025-31610

Опубликовано: 31 мар. 2025

Источник: nvd

CVSS3: 5.9

EPSS Низкий

Описание

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gingerplugins Notification Bar, Sticky Notification Bar, Sticky Welcome Bar for any theme allows Stored XSS. This issue affects Notification Bar, Sticky Notification Bar, Sticky Welcome Bar for any theme: from n/a through 1.1.

Ссылки

https://patchstack.com/database/wordpress/plugin/gp-notification-bar/vulnerability/wordpress-notification-bar-sticky-notification-bar-sticky-welcome-bar-for-any-theme-plugin-1-1-cross-site-scripting-xss-vulnerability?_s_id=cve

EPSS

Процентиль: 13%

0.00043

Низкий

5.9 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-qw8r-mf6v-692x

CVSS3: 5.9

github

10 месяцев назад

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gingerplugins Notification Bar, Sticky Notification Bar, Sticky Welcome Bar for any theme allows Stored XSS. This issue affects Notification Bar, Sticky Notification Bar, Sticky Welcome Bar for any theme: from n/a through 1.1.

EPSS

Процентиль: 13%

0.00043

Низкий

5.9 Medium

CVSS3

Дефекты

CWE-79