CVE-2025-48312

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 文派翻译（WP Chinese Translation） WPAvatar wpavatar allows Stored XSS.This issue affects WPAvatar: from n/a through = 1.9.4...

CVE-2025-48312

CVE-2025-48312 affects the WordPress WPAvatar plugin (versions up to 1.9.3). The issue is an Improper Neutralization of Input During Web Page Generation leading to Stored XSS. Vulnerability details from connected docs show the risk is tied to input handling in WPAvatar, with CVSSv3.1 base score 6...

CVE-2025-48312 WordPress WPAvatar plugin <= 1.9.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 文派翻译（WP Chinese Translation） WPAvatar allows Stored XSS. This issue affects WPAvatar: from n/a through 1.9.3...

CVE-2025-48312 WordPress WPAvatar plugin <= 1.9.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 文派翻译（WP Chinese Translation） WPAvatar wpavatar allows Stored XSS.This issue affects WPAvatar: from n/a through = 1.9.4...

PT-2025-35001

Name of the Vulnerable Software and Affected Versions: WPAvatar versions through 1.9.3 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-Site Scripting XSS. Recommendations: Update WPAvatar to a version later tha...

WordPress plugin WPAvatar 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress WPAvatar plugin <= 1.9.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by theviper17 Patchstack Alliance in WordPress Plugin WPAvatar versions = 1.9.4...