- Description
- The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter in all versions up to, and including, 4.4.10 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages when logging is enabled that will execute whenever a user accesses an injected page.
- Source
- security@wordfence.com
- NVD status
- Received
CVSS 3.1
- Type
- Primary
- Base score
- 7.2
- Impact score
- 2.7
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
- Severity
- HIGH
- security@wordfence.com
- CWE-79
- Hype score
- Not currently trending
CVE-2025-1561 (CVSS:7.2, HIGH) is Awaiting Analysis. The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' ..https://t.co/FSZxNJcx86 #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
18 Mar 2025
6 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-1561 🔴 HIGH (7.2) 🏢 scottopolis - AppPresser – Mobile App Framework 🏗️ * 🔗 https://t.co/o7ABtFKrqA 🔗 https://t.co/5GxEPoO9EV 🔗 https://t.co/1WyZlzHfIf #CyberCron #VulnAlert #InfoSec https://t.co/gjW5WOWfqw
@cybercronai
14 Mar 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
�� CVE-2025-1561 - WordPress - HIGH 🚨 🗓️ Date published 2025-03-13 05:15:27 UTC #WordPress #CyberSecurity #InfoSec #Vulnerability #TechNews https://t.co/L6XoFjLboN
@vulns_space
13 Mar 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1561 The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter in all versions up to, and including, … https://t.co/C5QuA1OjsI
@CVEnew
13 Mar 2025
442 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes