Vulnerabilities and security researches forcrossword-compiler-puzzles crossword-compiler-puzzles

May 08, 2025

CVE, Research URL: CVE-2025-46493
Home page URL: Security reports for Crossword Compiler Puzzles
Application: Crossword Compiler Puzzles
Date: May 23, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wordwebsoftware Crossword Compiler Puzzles allows Stored XSS. This issue affects Crossword Compiler Puzzles: from n/a through 5.3.
Affected versions: max 5.3.
Status: vulnerable

May 05, 2025

CVE, Research URL: CVE-2025-46490
Home page URL: Security reports for Crossword Compiler Puzzles
Application: Crossword Compiler Puzzles
Date: May 23, 2025
Research Description: Unrestricted Upload of File with Dangerous Type vulnerability in wordwebsoftware Crossword Compiler Puzzles allows Upload a Web Shell to a Web Server. This issue affects Crossword Compiler Puzzles: from n/a through 5.2.
Affected versions: max 5.3.
Status: vulnerable