CVE-2025-1288
The connected sources confirm a vulnerability in the WOOEXIM WordPress plugin (versions before 5.0.0) where CSRF is not consistently checked and inputs lack proper sanitisation and escaping. This can allow an unauthenticated attacker to trigger a reflected XSS via CSRF, potentially affecting page...