CVE-2025-22284

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Feb 16, 2025

CWE ID 79

Summary

CVE-2025-22284 is a Cross-site Scripting (XSS) vulnerability affecting the enituretechnology LTL Freight Quotes – Unishippers Edition software. The issue arises from improper neutralization of user input during web page generation. An attacker can exploit this flaw to inject malicious scripts into web pages viewed by other users, potentially stealing sensitive information or taking control of their sessions. Affected versions of the software range from n/a to 2.5.8. It is crucial for users to update to a patched version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Ltl Freight Quotes Plugin

Affected Vendors

WordPress

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/2JMvwy
https://www.cve.org/CVERecord?id=CVE-2025-22284
https://nvd.nist.gov/vuln/detail/CVE-2025-22284

Back to Vulnerability Database