CVE-2025-5085
CVE-2025-5085 affects the WP Nano AD WordPress plugin (versions up to 1.31). It enables Stored Cross-Site Scripting via the blogrole_link parameter due to insufficient input sanitization/escaping. Impact: authenticated attackers with administrator rights can inject scripts that run for users on i...