Vulnerabilities and security researches forltl-freight-quotes-day-ross-edition ltl-freight-quotes-day-ross-edition

Jun 15, 2025

CVE, Research URL: CVE-2025-5303
Home page URL: Security reports for LTL Freight Quotes – Day & Ross Edition
Application: LTL Freight Quotes – Day & Ross Edition
Date: Jun 07, 2025
Research Description: The LTL Freight Quotes – Freightview Edition, LTL Freight Quotes – Daylight Edition and LTL Freight Quotes – Day & Ross Edition plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the expiry_date parameter in all versions up to, and including, 1.0.11, 2.2.6 and 2.1.10 respectively, due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions: Min -, max -.
Status: vulnerable

Sep 06, 2025

CVE, Research URL: CVE-2025-58642
Home page URL: Security reports for LTL Freight Quotes – Day & Ross Edition
Application: LTL Freight Quotes – Day & Ross Edition
Date: Sep 03, 2025
Research Description: Deserialization of Untrusted Data vulnerability in enituretechnology LTL Freight Quotes – Day & Ross Edition allows Object Injection. This issue affects LTL Freight Quotes – Day & Ross Edition: from n/a through 2.1.11.
Affected versions: Min -, max -.
Status: vulnerable