CVE-2025-28919
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Published Mar 11, 2025
CWE ID 79
Summary
CVE-2025-28919 is a Cross-site Scripting (XSS) vulnerability affecting Shellbot Easy Image Display. The issue stems from improper neutralization of user input during web page generation, enabling attackers to inject malicious scripts and execute unauthorized actions on affected systems. This flaw, present in versions from n/a to 1.2.5, poses a significant risk to users, potentially leading to stolen user data, unauthorized system access, or other malicious activities.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- WordPress