CVE-2019-25743

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

6.4 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N                                    

Vulnerability Description

WordPress Soliloquy Lite 2.5.6 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by inserting script tags in the post title field. Attackers can submit POST requests to the post editing endpoint with script payloads in the post_title parameter, which are stored and executed when users preview the post.

Vulnerability Details

Published Date

June 04, 2026

Last Modified

June 04, 2026

CWE ID

CWE-79

Source

NVD

Vendor

Soliloquywp

Product

Soliloquy Lite

External References

https://soliloquywp.com/
https://wordpress.org/plugins/soliloquy-lite/
https://www.exploit-db.com/exploits/47517
https://www.vulncheck.com/advisories/wordpress-soliloquy-lite-persistent-cross-site-scripting

CVE-2019-25743

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment