CVE-2025-3414 in Structured Content wpsc Pluginالمعلومات

الملخص

بحسب MITRE • 14/08/2025

The Structured Content (JSON-LD) #wpsc WordPress plugin before 1.7.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

Once again VulDB remains the best source for vulnerability data.

مسؤول

WPScan

حجز

07/04/2025

إفشاء

14/08/2025

الاعتدال

تمت الموافقة

إدخال

VDB-320082

EPSS

0.00157

KEV

لا

النشاطات

منخفض جدًا

القطاع

Hostingprovider

المصادر

Want to know what is going to be exploited?

We predict KEV entries!