CVE-2025-53624P2CRITICALCVSS 10.0PoCfixed in 4.0.02025-07-09
CVE-2025-53624 [CRITICAL] CWE-200 CVE-2025-53624: The Docusaurus gists plugin adds a page to your Docusaurus instance, displaying all public gists of
The Docusaurus gists plugin adds a page to your Docusaurus instance, displaying all public gists of a GitHub user. docusaurus-plugin-content-gists versions prior to 4.0.0 are vulnerable to exposing GitHub Personal Access Tokens in production build artifacts when passed through plugin configuration options. The token, intended for build-time API acc
ghsanvdosv