CVE-2025-25089
CVE-2025-25089 describes a Reflected Cross-Site Scripting vulnerability in the WordPress plugin Image Rotator (affected: Image Rotator <= 2.0). The issue stems from improper neutralization of input during web page generation , per description. The CVSS data (v3.1) assigns a base score of 7.1 (...