CVE-2025-23489

Published Jan 21, 2025

Last updated 3 days ago

Overview

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brian Messenlehner WP-Announcements wp-announcements allows Reflected XSS.This issue affects WP-Announcements: from n/a through <= 1.8.
Source: audit@patchstack.com
NVD status: Deferred

Weaknesses

audit@patchstack.com: CWE-79

Hype score: Not currently trending

CVE-2025-23489 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brian Messenlehner of WebDevStudios WP-Announcements allows Refl… https://t.co/MAIW4EgZ0Z
@CVEnew
21 Jan 2025
225 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

References

Sources include official advisories and independent security research.