CVE-2025-23616
CVE-2025-23616 affects the WordPress Canalplan plugin (versions up to and including 5.31). The issue is an improper neutralization of input during web page generation, causing a reflected Cross-Site Scripting (XSS) vulnerability. Exploitation requires user interaction, and the CVSSv3.1 vector is ...