CVE-2025-10357
CVE-2025-10357 affects WordPress Simple SEO plugin versions prior to 2.0.32. The vulnerability is a lack of sanitisation/escaping of parameters when outputting them on pages, enabling Cross-Site Scripting by users with as low as a contributor role. Root cause: insufficient input filtering in the ...