CVE-2025-29003
CVE-2025-29003 : Stored XSS in The Holiday Calendar WordPress plugin. Affected: The Holiday Calendar versions up to 1.18.2.1 (n/a–1.18.2.1). Root cause: Improper neutralization of input during web page generation. Impact: Stored cross‑site scripting could be triggered on affected pages. CVSS v3.1...