CVE-2025-0368
04.02.2025, 06:15
The Banner Garden Plugin for WordPress plugin through 0.1.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin or unauthenticated users.
| Vendor | Product | Version |
|---|---|---|
| karacsi_maci | banner_garden | 𝑥 ≤ 0.1.3 |
𝑥
= Vulnerable software versions