CVE-2025-49063

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in i3geek BaiduXZH Submit百度熊掌号 i3geek-baiduxzh allows Reflected XSS.This issue affects BaiduXZH Submit百度熊掌号: from n/a through = 1.4.6...

CVE-2025-49063

CVE-2025-49063 corresponds to a reflected XSS in the WordPress BaiduXZH Submit(百度熊掌号) plugin (i3geek-baiduxzh). Affected range is up to version 1.4.6; the root cause is improper neutralization of input during web page generation. Public sources consistently note the vulnerability as unresolved (u...