CVE-2025-25160

Cross-Site Request Forgery (CSRF) vulnerability in Mark Barnes Style Tweaker allows Stored XSS. This issue affects Style Tweaker: from n/a through 0.11.
Configurations

Configuration 1 (hide)

cpe:2.3:a:markbarnes:style_tweaker:*:*:*:*:*:*:*:*

History

11 Feb 2025, 19:28

Type Values Removed Values Added
CPE cpe:2.3:a:markbarnes:style_tweaker:*:*:*:*:*:*:*:*
First Time Markbarnes
Markbarnes style Tweaker
Summary
  • (es) La vulnerabilidad de Cross-Site Request Forgery (CSRF) en Mark Barnes Style Tweaker permite XSS almacenado. Este problema afecta a Style Tweaker: desde n/a hasta 0.11.
References () https://patchstack.com/database/wordpress/plugin/style-tweaker/vulnerability/wordpress-style-tweaker-plugin-0-11-csrf-to-stored-xss-vulnerability?_s_id=cve - () https://patchstack.com/database/wordpress/plugin/style-tweaker/vulnerability/wordpress-style-tweaker-plugin-0-11-csrf-to-stored-xss-vulnerability?_s_id=cve - Third Party Advisory

07 Feb 2025, 10:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-02-07 10:15

Updated : 2025-02-11 19:28


NVD link : CVE-2025-25160

Mitre link : CVE-2025-25160

CVE.ORG link : CVE-2025-25160


JSON object : View

Products Affected

markbarnes

  • style_tweaker
CWE
CWE-352

Cross-Site Request Forgery (CSRF)