Reflected XSS Vulnerability in LTL Freight Quotes – Unishippers Edition by Eniture Technology
CVE-2025-22284

7.1HIGH

Key Information:

Vendor: WordPress
Status: Ltl Freight Quotes – Unishippers Edition
Vendor: CVE Published:; 16 February 2025

Summary

This vulnerability in LTL Freight Quotes – Unishippers Edition by Eniture Technology leads to reflected cross-site scripting (XSS), allowing attackers to inject malicious scripts into web pages. If exploited, this flaw provides an avenue for unauthorized actions, data theft, and potential defacement of web applications. Users of the affected version (up to 2.5.8) should take immediate remedial actions including applying security patches and enhancing input validation.

Affected Version(s)

LTL Freight Quotes – Unishippers Edition <= 2.5.8

References

https://patchstack.com/database/wordpress/plugin/ltl-frei...

vdb-entry

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Feb 16, 2025
Vulnerability Reserved
Jan 3, 2025

Credit

Trương Hữu Phúc (truonghuuphuc) (Patchstack Alliance)