CVE-2025-22322

Published Jan 21, 2025

Last updated 20 hours ago

Overview

Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DeluxeThemes Private Messages for UserPro userpro-messaging allows Reflected XSS.This issue affects Private Messages for UserPro: from n/a through <= 4.10.0.
Source
audit@patchstack.com
NVD status
Awaiting Analysis

Weaknesses

audit@patchstack.com
CWE-79

Social media

Hype score
Not currently trending

  1. CVE-2025-22322 Reflected XSS Vulnerability in UserPro Private Messages Plugin https://t.co/5Oq73bGvvB

    @VulmonFeeds

    21 Jan 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-22322 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Private Messages for UserPro allows Reflected XSS. This… https://t.co/8ZOdrgBYyV

    @CVEnew

    21 Jan 2025

    246 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.