CVE-2025-3919 | Comments Import & Export Plugin up to 2.4.3/2.4.4 on WordPress Setting save_settings cross site scripting

Inserito da Angelo Barbosa | Giu 2, 2025 | CVE

A vulnerability was found in Comments Import & Export Plugin up to 2.4.3/2.4.4 on WordPress. It has been declared as problematic. This vulnerability affects the function save_settings of the component Setting Handler. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2025-3919. The attack can be initiated remotely. There is no exploit available.

CVE-2025-3919 | Comments Import & Export Plugin up to 2.4.3/2.4.4 on WordPress Setting save_settings cross site scripting

Post correlati

CVE-2025-5520 | Open5GS up to 2.7.3 AMF/MME gmm_state_authentication/emm_state_authentication assertion (Issue 3910)

CVE-2024-42613 | Pligg CMS 2.0.2 cross-site request forgery

CVE-2023-31854 | Precomp 0.4.8 std::bad_alloc Privilege Escalation

CVE-2024-50429 | WPBlockArt Magazine Blocks Plugin up to 1.3.15 on WordPress cross site scripting