NIXPKGS-2025-0024

published on 15 Dec 2025

Permalink CVE-2025-49053

updated 1 month, 2 weeks ago by @fricklerhandwerk Activity log

Created automatic suggestion 1 month, 2 weeks ago
@fricklerhandwerk removed package pairdrop 1 month, 2 weeks ago
@fricklerhandwerk accepted 1 month, 2 weeks ago
@fricklerhandwerk removed
2 maintainers
- @dit7ya
- @Enzime
1 month, 2 weeks ago
@fricklerhandwerk published on GitHub 1 month, 2 weeks ago

WordPress WP Airdrop Manager plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kadesthemes WP Airdrop Manager allows Stored XSS. This issue affects WP Airdrop Manager: from n/a through 1.0.5.

Affected products

airdrop

=<1.0.5

Matching in nixpkgs

pkgs.airdrop-cli

Use Airdrop from the CLI on macOS written in Swift

nixos-unstable 0-unstable-2024-04-13
- nixpkgs-unstable 0-unstable-2024-04-13
- nixos-unstable-small 0-unstable-2024-04-13
nixos-25.11 0-unstable-2025-07-14
- nixpkgs-25.11-darwin 0-unstable-2025-07-14

Package maintainers

Ignored maintainers (2)

@dit7ya Mostly Void <7rat13@gmail.com>
@Enzime Michael Hoang

Nixpkgs Security Tracker

Details of issue NIXPKGS-2025-0024

Affected products

Matching in nixpkgs

pkgs.airdrop-cli

Package maintainers