Sign in Subscribe

← All advisories

High severity7.1NVD Advisory· Published Apr 24, 2025· Updated Apr 28, 2026

CVE-2025-46452

CVE-2025-46452

Description

Cross-Site Request Forgery (CSRF) vulnerability in Olav Kolbu Google News allows Stored XSS. This issue affects Google News: from n/a through 2.5.1.

Affected products

1

WordPress/Google Newsinferred
Range: <=2.5.1
Package: https://wordpress.org/plugins/google-news

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

patchstack.com/database/wordpress/plugin/google-news/vulnerability/wordpress-google-news-plugin-2-5-1-csrf-to-stored-xss-vulnerabilitynvd

News mentions

0

No linked articles in our index yet.