Reflected XSS Vulnerability in LTL Freight Quotes – Unishippers Edition by Eniture Technology
CVE-2025-22284

6.1MEDIUM

Key Information:

Vendor: WordPress
Status: Ltl Freight Quotes – Unishippers Edition
Vendor: CVE Published:; 16 February 2025

What is CVE-2025-22284?

This vulnerability in LTL Freight Quotes – Unishippers Edition by Eniture Technology leads to reflected cross-site scripting (XSS), allowing attackers to inject malicious scripts into web pages. If exploited, this flaw provides an avenue for unauthorized actions, data theft, and potential defacement of web applications. Users of the affected version (up to 2.5.8) should take immediate remedial actions including applying security patches and enhancing input validation.

Affected Version(s)

LTL Freight Quotes – Unishippers Edition <= 2.5.8

References

https://patchstack.com/database/wordpress/plugin/ltl-frei...

vdb-entry

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 16, 2025
Vulnerability Reserved
Jan 3, 2025

Credit

Trương Hữu Phúc (truonghuuphuc) (Patchstack Alliance)