Skip to main content

Wikidocs

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-7887 LOW POC Monitor

Cross-site scripting (XSS) in WikiDocs up to version 1.0.78 allows remote attackers to inject malicious scripts via the path parameter in template.inc.php, requiring user interaction to trigger. The vulnerability has publicly available exploit code and carries a low CVSS score (2.1) due to its reliance on user interaction and limited impact scope, though the EPSS score of 0.10% suggests minimal real-world exploitation likelihood despite public disclosure.

PHP XSS Wikidocs
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-7887
EPSS 0% CVSS 2.1
LOW POC Monitor

Cross-site scripting (XSS) in WikiDocs up to version 1.0.78 allows remote attackers to inject malicious scripts via the path parameter in template.inc.php, requiring user interaction to trigger. The vulnerability has publicly available exploit code and carries a low CVSS score (2.1) due to its reliance on user interaction and limited impact scope, though the EPSS score of 0.10% suggests minimal real-world exploitation likelihood despite public disclosure.

PHP XSS Wikidocs
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy