CVE-2025-3670 | KiwiChat NextClient Plugin up to 6.2 on WordPress URL Parameter url cross site scripting

Inserito da Angelo Barbosa | Mag 1, 2025 | CVE

A vulnerability was found in KiwiChat NextClient Plugin up to 6.2 on WordPress and classified as problematic. This issue affects some unknown processing of the component URL Parameter Handler. The manipulation of the argument url leads to cross site scripting.

The identification of this vulnerability is CVE-2025-3670. The attack may be initiated remotely. There is no exploit available.

CVE-2025-3670 | KiwiChat NextClient Plugin up to 6.2 on WordPress URL Parameter url cross site scripting

Post correlati

CVE-2024-44965 | Linux Kernel up to 6.10.4 pti_clone_pgtable stack-based overflow

CVE-2024-26122 | Adobe Experience Manager up to 6.5.19 Form Field cross site scripting (apsb24-21)

CVE-2025-0308 | Ultimate Member Plugin up to 2.9.1 on WordPress sql injection

CVE-2024-8709 | SourceCodester Best House Rental Management System 1.0 /admin_class.php delete_user/save_user id sql injection