EUVD-2025-9520

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

WordPress Gift Certificate Creator plugin is vulnerable to Reflected Cross-Site Scripting in versions up to 1.1.0

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2025-2483	2 Apr 202509:34	–	circl
CNNVD	WordPress plugin Gift Certificate Creator 跨站脚本漏洞	2 Apr 202500:00	–	cnnvd
CVE	CVE-2025-2483	2 Apr 202509:21	–	cve
Cvelist	CVE-2025-2483 Gift Certificate Creator <= 1.1.0 - Reflected Cross-Site Scripting via receip_address Parameter	2 Apr 202509:21	–	cvelist
NVD	CVE-2025-2483	2 Apr 202510:15	–	nvd
Patchstack	WordPress Gift Certificate Creator plugin <= 1.1.0 - Reflected Cross-Site Scripting via receip_address Parameter vulnerability	1 Apr 202522:42	–	patchstack
Positive Technologies	PT-2025-14472 · WordPress · Gift Certificate Creator	2 Apr 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-2483	4 Apr 202509:42	–	redhatcve
Vulnrichment	CVE-2025-2483 Gift Certificate Creator <= 1.1.0 - Reflected Cross-Site Scripting via receip_address Parameter	2 Apr 202509:21	–	vulnrichment
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (March 31, 2025 to April 6, 2025)	10 Apr 202514:38	–	wordfence

[
  {
    "enisaIdVendor": [
      {
        "id": "42988940-f908-3e61-b327-21307f64eb76",
        "vendor": {
          "name": "bobcares_plugins"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "82397c5e-11ba-3ebc-ba0c-ee4fbcf437d6",
        "product": {
          "name": "Gift Certificate Creator"
        },
        "product_version": "* ≤1.1.0"
      }
    ]
  }
]

Source	Link
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/adbebe61-3adc-4ba1-8767-863dc2310cad
plugins	www.plugins.trac.wordpress.org/browser/gift-certificate-creator/trunk/giftcertificates.php
wordpress	www.wordpress.org/plugins/gift-certificate-creator/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-2483

03 Oct 2025 20:07Current

7.1High risk

Vulners AI Score7.1

CVSS 3.16.1

EPSS0.00824

SSVC