Cross-Site Request Forgery (CSRF) vulnerability in Pham Thanh Call Now PHT Blog call-now-coccoc-pht-blog allows Stored XSS.This issue affects Call Now PHT Blog: from n/a through <= 2.4.1.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Wordpress |
|
No data.
No data.
References
History
Wed, 01 Apr 2026 23:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Cross-Site Request Forgery (CSRF) vulnerability in Pham Thanh Call Now PHT Blog allows Stored XSS. This issue affects Call Now PHT Blog: from n/a through 2.4.1. | Cross-Site Request Forgery (CSRF) vulnerability in Pham Thanh Call Now PHT Blog call-now-coccoc-pht-blog allows Stored XSS.This issue affects Call Now PHT Blog: from n/a through <= 2.4.1. |
| References | ||
| Metrics |
cvssV3_1
|
Sat, 26 Apr 2025 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 24 Apr 2025 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Cross-Site Request Forgery (CSRF) vulnerability in Pham Thanh Call Now PHT Blog allows Stored XSS. This issue affects Call Now PHT Blog: from n/a through 2.4.1. | |
| Title | WordPress Call Now PHT Blog plugin <= 2.4.1 - CSRF to XSS vulnerability | |
| Weaknesses | CWE-352 | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Patchstack
Published: 2025-04-24T16:08:50.656Z
Updated: 2026-04-01T15:52:57.295Z
Reserved: 2025-04-24T14:22:54.405Z
Link: CVE-2025-46492
Vulnrichment
Updated: 2025-04-24T19:54:51.121Z
NVD
Status : Deferred
Published: 2025-04-24T16:15:39.980
Modified: 2026-04-15T00:35:42.020
Link: CVE-2025-46492
Redhat
No data.