CVE-2025-1232

Published Mar 19, 2025

Last updated 16 days ago

CVSS high 8.8

Overview

Description
The Site Reviews WordPress plugin before 7.2.5 does not properly sanitise and escape some of its Review fields, which could allow unauthenticated users to perform Stored XSS attacks
Source
contact@wpscan.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.8
Impact score
5.9
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity
HIGH

Social media

Hype score
Not currently trending

  1. CVE-2025-1232 The Site Reviews WordPress plugin before 7.2.5 does not properly sanitise and escape some of its Review fields, which could allow unauthenticated users to perform Store… https://t.co/l0niXzK1K1

    @CVEnew

    19 Mar 2025

    423 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

References