CVE-2025-28894
Description
Cross-Site Request Forgery (CSRF) vulnerability in frucomerci List of Posts from each Category plugin for WordPress list-posts-by-category allows Stored XSS.This issue affects List of Posts from each Category plugin for WordPress: from n/a through <= 2.0.
CWE
- CWE-352 — Cross-Site Request Forgery (CSRF)
Affected
- frucomerci / List of Posts from each Category plugin for WordPress — v=0 ≤2.0 [affected]
CVSS
- (none)
References
Source
cvelistV5-main/cves/2025/28xxx/CVE-2025-28894.json