CVE-2025-23656
CVE-2025-23656 describes a Missing Authorization vulnerability in the WordPress plugin Donate visa (Saul Morales Pacheco) that allows Stored Cross-Site Scripting (XSS) in versions n/a through 1.0.0. The vulnerability arises from missing authorization controls, enabling an attacker to inject and p...