2 matches found
CVE-2025-23489
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brian Messenlehner WP-Announcements wp-announcements allows Reflected XSS.This issue affects WP-Announcements: from n/a through = 1.8...
CVE-2025-23489
CVE-2025-23489 : Reflected XSS in the WP-Announcements plugin for WordPress (affected: WP-Announcements up to version 1.8). Root cause: improper neutralization of input during web page generation. Impact: potential to run arbitrary script in a victim’s browser. CVSS v3.1 base score 7.1 (HIGH). Co...