CVEs-PoC/2025/CVE-2025-0522.md at 4e4e30233e70832d643d5c6ab6fbfa6f130b4bb1

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-30 04:59:31 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

The LikeBot WordPress plugin through 0.85 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack.

POC

Reference

https://wpscan.com/vulnerability/4c2eed5a-f4d8-457d-a403-7eaced36c491/

Github

https://github.com/20142995/nuclei-templates
https://github.com/cyb3r-w0lf/nuclei-template-collection

966 B Raw Blame History

CVE-2025-0522

Description

POC

Reference

Github

966 B

Raw Blame History