PT-2025-9453 · WordPress · Wp Less Compiler

Abdi Pranata

Publicado

2025-03-03

Atualizado

2025-03-04

CVE-2025-25142

CVSS v3.1

7.1

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions WP Less Compiler versions 1.3.0 and earlier

Description The issue is related to improper neutralization of input during web page generation, which can lead to Stored Cross-site Scripting (XSS). This allows attackers to inject malicious scripts into the website.

Recommendations For WP Less Compiler versions 1.3.0 and earlier, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2025-25142

Produtos afetados

Wp Less Compiler

PT-2025-9453 · WordPress · Wp Less Compiler

CVE-2025-25142

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4