March 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Medusa Ransomware – Active IOCs
March 11, 2025SideWinder APT Group aka Rattlesnake – Active IOCs
March 11, 2025Medusa Ransomware – Active IOCs
March 11, 2025SideWinder APT Group aka Rattlesnake – Active IOCs
March 11, 2025
Severity
High
Analysis Summary
CVE-2025-23585 CVSS:7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CantonBolo Goo.gl Url Shorter allows Reflected XSS. This issue affects Goo.gl Url Shorter: from n/a through 1.0.1.
CVE-2025-23517 CVSS:7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Google Map on Post/Page allows Reflected XSS. This issue affects Google Map on Post/Page: from n/a through 1.1.
CVE-2025-23493 CVSS:7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Google Transliteration allows Reflected XSS. This issue affects Google Transliteration: from n/a through 1.7.2.
Impact
- Cross-Site Scripting
Indicators of Compromise
CVE
CVE-2025-23585
CVE-2025-23517
CVE-2025-23493
Affected Vendors
- WordPress
Affected Products
- CantonBolo Goo.gl Url Shorter - n/a
- NotFound Google Map on Post/Page - n/a
- NotFound Google Transliteration - n/a
Remediation
Update the WordPress plugin to the latest available version.