PT-2025-13725 · Unknown · Wp-Buy Related Posts Widget With Thumbnails

Abdi Pranata

Published

2025-03-31

Updated

2025-03-31

CVE-2025-31570

CVSS v3.1

7.1

High

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions wp-buy Related Posts Widget with Thumbnails versions 1.2 and earlier

Description The issue affects the Related Posts Widget with Thumbnails, allowing for Stored XSS due to a Cross-Site Request Forgery (CSRF) vulnerability.

Recommendations For versions 1.2 and earlier, update to a version that contains a fix for this issue, as the current version is affected by the CSRF vulnerability that enables Stored XSS.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2025-31570

Affected Products

Wp-Buy Related Posts Widget With Thumbnails

PT-2025-13725 · Unknown · Wp-Buy Related Posts Widget With Thumbnails

CVE-2025-31570

Weakness Enumeration

Related Identifiers

Affected Products

References · 3