CVE-2025-5336

CVE-2025-5336 concerns WordPress plugin “Click to Chat” for HoliThemes. The vulnerability is a Stored DOM-based Cross-Site Scripting via the data-no_number parameter in versions up to 4.22, caused by insufficient input sanitization and output escaping. Exploitation requires authenticated access a...