CVE Details
Basic Information
| Title | CVE-2025-39450 |
|---|---|
| Type | cve |
| Published | 2025-05-19T18:15:29 |
| Last Seen | 2025-05-19T18:18:45 |
CVSS Information
| Base Score | 6.5 (MEDIUM) |
|---|---|
| Attack Vector | NETWORK |
| Attack Complexity | LOW |
| Privileges Required | LOW |
| User Interaction | REQUIRED |
| Scope | CHANGED |
| Confidentiality Impact | LOW |
| Integrity Impact | LOW |
| Availability Impact | LOW |
AI Analysis
| AI Description | A DOM-Based XSS vulnerability in Crocoblock JetTabs allows attackers to inject scripts into the page. This can lead to unauthorized actions on behalf of the user. The issue is of medium severity and affects users of the JetTabs plugin. |
|---|---|
| AI Severity | Medium |
| Vendor | WordPress Community |
| Product | Crocoblock JetTabs |
| Affected Version | Unknown |
Additional Information
| CVE List | CVE-2025-39450 |
|---|---|
| CWE List | CWE-79 |
| Bulletin Family | cve |
Description
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Crocoblock JetTabs allows DOM-Based XSS. This issue affects…
CVSS Score Summary
Base Score: %!f(string=#) (MEDIUM)