CVE-2025-25304 | Vega up to 5.25.x vlSelectionTuples cross site scripting (GHSA-mp7w-mhcv-673j)

Posted by Angelo Barbosa | Feb 15, 2025 | CVE

A vulnerability was found in Vega up to 5.25.x. It has been classified as problematic. Affected is the function vlSelectionTuples. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-25304. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-25304 | Vega up to 5.25.x vlSelectionTuples cross site scripting (GHSA-mp7w-mhcv-673j)

Related Posts

CVE-2024-54205 | Paloma Widget Plugin up to 1.14 on WordPress cross-site request forgery

CVE-2023-50840 | wpdevelop Booking Manager Plugin up to 2.1.5 on WordPress sql injection

CVE-2024-32723 | Code Tides Advanced Floating Content Plugin up to 1.2.5 on WordPress cross site scripting

CVE-2024-32725 | Saleswonder 5 Stars Rating Funnel Plugin up to 1.2.67 on WordPress authorization