CVE-2025-9540

The Markup Markdown WordPress plugin before 3.20.10 allows links to contain JavaScript which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2025-9541

The Markup Markdown WordPress plugin before 3.20.10 allows links to contain JavaScript which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2025-9540

The Markup Markdown WordPress plugin before 3.20.10 allows links to contain JavaScript which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2025-9541 Markup Markdown < 3.20.10 - Contributor+ Stored XSS

The Markup Markdown WordPress plugin before 3.20.10 allows links to contain JavaScript which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2025-9541

CVE-2025-9541 affects the WordPress plugin Markup Markdown (versions before 3.20.10). The issue allows JavaScript in links, enabling Stored XSS for users with contributor role and above. Patchstack/Red Hat/NVD entries confirm the vulnerability and an update to 3.20.10 as the fix; apply the 3.20.1...

CVE-2025-9540 Markup Markdown < 3.20.10 - Contributor+ Stored XSS

The Markup Markdown WordPress plugin before 3.20.10 allows links to contain JavaScript which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

WordPress Markup Markdown plugin <= 3.20.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by JeonKim in WordPress Plugin Markup Markdown versions = 3.20.6...