CVE-2025-6290
Summary: CVE-2025-6290 affects the WordPress plugin “Tournament Bracket Generator” up to version 1.0.0. The root cause is insufficient input sanitization and output escaping in the plugin’s bracket shortcode, enabling a stored Cross-Site Scripting (XSS) attack. Affected component: bracket shortco...