CVE-2025-1437
CVE-2025-1437 affects the WordPress plugin Advanced iFrame . The vulnerability is a Stored Cross-Site Scripting (XSS) via the plugin’s advanced_iframe shortcode in all versions up to 2025.2, caused by insufficient input sanitization and output escaping on user-supplied attributes. Impact: authent...