CVE-2025-48313: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in kevin heath Tripadvisor Shortcode
Severity: mediumType: vulnerabilityCVE-2025-48313
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kevin heath Tripadvisor Shortcode allows Stored XSS. This issue affects Tripadvisor Shortcode: from n/a through 2.2.
CVE-2025-48313: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in kevin heath Tripadvisor Shortcode
Medium
Published: Thu Aug 28 2025 (08/28/2025, 12:36:53 UTC)
Source: CVE Database V5
Vendor/Project: kevin heath
Product: Tripadvisor Shortcode
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kevin heath Tripadvisor Shortcode allows Stored XSS. This issue affects Tripadvisor Shortcode: from n/a through 2.2.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Patchstack
- Date Reserved
- 2025-05-19T14:13:53.900Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 68b0537dad5a09ad006cfc68
Added to database: 8/28/2025, 1:02:53 PM
Last updated: 8/28/2025, 1:02:53 PM
Views: 1
Related Threats
CVE-2025-54742: CWE-502 Deserialization of Untrusted Data in magepeopleteam WpEvently
HighVulnerabilityThu Aug 28 2025
CVE-2025-54738: CWE-288 Authentication Bypass Using an Alternate Path or Channel in NooTheme Jobmonster
CriticalVulnerabilityThu Aug 28 2025
CVE-2025-54734: CWE-862 Missing Authorization in bPlugins B Slider
MediumVulnerabilityThu Aug 28 2025
CVE-2025-54733: CWE-862 Missing Authorization in Miles All Bootstrap Blocks
MediumVulnerabilityThu Aug 28 2025
CVE-2025-54731: CWE-94 Improper Control of Generation of Code ('Code Injection') in emarket-design YouTube Showcase
HighVulnerabilityThu Aug 28 2025
Actions
Please log in to the Console to use AI analysis features.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.