WordPress Exchange Rates Plugin <= 1.2.5 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Exchange Rates versions = 1.2.5...

CVE-2025-58624 WordPress Exchange Rates Plugin <= 1.2.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in falselight Exchange Rates exchange-rates allows Stored XSS.This issue affects Exchange Rates: from n/a through = 1.2.5...

CVE-2025-58624

CVE-2025-58624 describes a Stored XSS in the WordPress Exchange Rates plugin (versions up to 1.2.5). The vulnerability stems from improper input neutralization during web page generation, enabling attacker-controlled input to be stored and reflected in pages. Severity is MEDIUM (CVSS 3.1 base sco...

WordPress Exchange Rates plugin <= 1.2.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Exchange Rates versions = 1.2.2...