CVE-2025-24555

High CVSS: 7.1

Cross-Site Request Forgery (CSRF) vulnerability in subscriptiondna Subscription DNA subscriptiondna allows Stored XSS.This issue affects Subscription DNA: from n/a through <= 2.1.

Vendor

Product

CWE

CWE-352

Yayın Tarihi

2025-01-24 18:15:33

Güncelleme

2026-04-23 15:24:59

Source Identifier

audit@patchstack.com

KEV Date Added

Kategoriler

CWE-352 HIGH 2025

Referanslar

https://patchstack.com/database/Wordpress/Plugin/subscriptiondna/vulnerability/wordpress-subscription-dna-plugin-2-1-csrf-to-stored-xss-vulnerability?_s_id=cve