CyberRota
← Ana sayfaya dön

CVE-2025-15665

UNKNOWN · CVSS N/A

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-07-14T06:16:41.087 · Çekilme zamanı: 2026-07-14T12:06:10.515009+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2025-15665
Severity
UNKNOWN
CVSS
N/A
EPSS
Yok
WordPress

Orijinal NVD Açıklaması

The Ultimate Before After Image Slider & Gallery WordPress plugin before 4.7.1 does not escape the value of the BEAF Slider widget's shortcode field before outputting it on the front end (the value is passed through do_shortcode, which echoes non-shortcode content verbatim), allowing users with administrator-level access to store a script that executes in the browser of any visitor who loads a page displaying the widget.