CVE-2025-2325 – WordPress WP Test Email Stored Cross-Site Scripting Vulnerability

March 15, 2025
9:17 am

CVE ID : CVE-2025-2325

Published : March 15, 2025, 7:15 a.m. | 1 hour, 47 minutes ago

Description : The WP Test Email plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Email Logs in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 7.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-2325 – WordPress WP Test Email Stored Cross-Site Scripting Vulnerability

Elvescore.io

Recent Posts

CVE-2019-25222 – WordPress Thumbnail Carousel Slider SQL Injection

CVE-2025-2157 – Foreman/Red Hat Satellite File Permission Vulnerability