VYPR

Xili Tidy Tags

by WordPress

Source repositories

CVEs (4)

  • CVE-2025-47680HigMay 23, 2025
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michel - xiligroup dev xili-tidy-tags xili-tidy-tags allows Reflected XSS.This issue affects xili-tidy-tags: from n/a through <= 1.12.06.

  • CVE-2025-58240MedSep 22, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michel - xiligroup dev xili-tidy-tags xili-tidy-tags allows Stored XSS.This issue affects xili-tidy-tags: from n/a through <= 1.12.06.

  • CVE-2024-9357MedNov 12, 2024
    risk 0.40cvss 6.1epss 0.00

    The xili-tidy-tags plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'action' parameter in all versions up to, and including, 1.12.04 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to…

  • CVE-2022-47448MedMay 24, 2023
    risk 0.35cvss 5.4epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in dev.Xiligroup.Com - MS plugin <= 1.12.03 versions.