CVE-2025-22821

CVE-2025-22821 is a DOM-based XSS in StorePress (vfthemes) prior to 1.0.12. The issue arises from Improper Neutralization of Input During Web Page Generation, enabling cross-site scripting. Public reports in Red Hat and Wordfence corroborate a StorePress vulnerability with the StorePress plugin/t...