PT-2026-46213 · Soliloquywp · Soliloquy Lite
Unk9Vvn
·
Published
2026-06-04
·
Updated
2026-06-04
·
CVE-2019-25743
CVSS v3.1
6.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N |
WordPress Soliloquy Lite 2.5.6 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by inserting script tags in the post title field. Attackers can submit POST requests to the post editing endpoint with script payloads in the post title parameter, which are stored and executed when users preview the post.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Soliloquy Lite