CVE-2025-3919 | Comments Import & Export Plugin up to 2.4.3/2.4.4 on WordPress Setting save_settings cross site scripting

Inserito da Angelo Barbosa | Giu 2, 2025 | CVE

A vulnerability was found in Comments Import & Export Plugin up to 2.4.3/2.4.4 on WordPress. It has been declared as problematic. This vulnerability affects the function save_settings of the component Setting Handler. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2025-3919. The attack can be initiated remotely. There is no exploit available.

CVE-2025-3919 | Comments Import & Export Plugin up to 2.4.3/2.4.4 on WordPress Setting save_settings cross site scripting

Post correlati

CVE-2024-48229 | funadmin 5.0.2 Curd One Click Command Mode Plugin sql injection

CVE-2024-9941 | dasinfomedia WPGYM Plugin up to 67.1.0 on WordPress MJ_gmgt_add_staff_member privileges management

CVE-2024-13037 | 1000 Projects Attendance Tracking Management System 1.0 /admin/report.php attendance_report course_id sql injection

CVE-2024-39592 | SAP PDCE S4CORE 102 up to S4COREOP 107 authorization