CVE-2025-13863

RevInsite is a WordPress plugin vulnerable to stored cross-site scripting (XSS) in versions up to 1.1.0 due to insufficient input sanitization and output escaping. The vulnerability enables an authenticated attacker with Contributor+ privileges to inject scripts via shortcode attributes (token/re...