Vulnerabilities and security researches forltl-freight-quotes-daylight-edition ltl-freight-quotes-daylight-edition

Jun 14, 2025

CVE, Research URL: CVE-2025-5303
Home page URL: Security reports for LTL Freight Quotes – Daylight Edition
Application: LTL Freight Quotes – Daylight Edition
Date: Jun 07, 2025
Research Description: The LTL Freight Quotes – Freightview Edition, LTL Freight Quotes – Daylight Edition and LTL Freight Quotes – Day & Ross Edition plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the expiry_date parameter in all versions up to, and including, 1.0.11, 2.2.6 and 2.1.10 respectively, due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions: Min -, max -.
Status: vulnerable

Sep 05, 2025

CVE, Research URL: CVE-2025-58643
Home page URL: Security reports for LTL Freight Quotes – Daylight Edition
Application: LTL Freight Quotes – Daylight Edition
Date: Sep 03, 2025
Research Description: Deserialization of Untrusted Data vulnerability in enituretechnology LTL Freight Quotes – Daylight Edition allows Object Injection. This issue affects LTL Freight Quotes – Daylight Edition: from n/a through 2.2.7.
Affected versions: Min -, max -.
Status: vulnerable