CVE-2025-24579 — Cross-site Scripting in Phillips Nested Pages

CWE-79 — Cross-site Scripting3 documents3 sources

Severity

—N/A

No vector

EPSS

0.3%

top 49.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Kyle Phillips Nested Pages

Timeline

PublishedJan 24

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kyle Phillips Nested Pages wp-nested-pages allows Stored XSS.This issue affects Nested Pages: from n/a through <= 3.2.9.

Affected Packages1 packages

▶CVEListV5kyle_phillips/nested_pages3.2.9

🔴Vulnerability Details

GHSA

GHSA-66g8-r87v-92fx: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kyle Phillips Nested Pages allows Stored XSS↗2025-01-24

▶

CVEList

WordPress Nested pages plugin <= 3.2.9 - Cross Site Scripting (XSS) vulnerability↗2025-01-24

▶