WordPress WP Virtual Assistant plugin <= 3.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin WP Virtual Assistant versions = 3.1...

CVE-2025-60155

CVE-2025-60155 refers to a missing-authorization vulnerability in WP Virtual Assistant. Connected sources confirm affected software: WP Virtual Assistant (≤3.0). The CVE lists a CVSS v3.1 base score of 5.3 (Medium) with network attack vector, no privileges required, and potential low integrity im...

WordPress plugin WP Virtual Assistant 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...