CVE-2025-31892 — Cross-site Scripting in WP Crowdfunding

CWE-79 — Cross-site Scripting3 documents3 sources

Severity

—N/A

No vector

EPSS

0.1%

top 66.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Themeum WP Crowdfunding

Timeline

PublishedApr 1

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum WP Crowdfunding wp-crowdfunding allows Stored XSS.This issue affects WP Crowdfunding: from n/a through <= 2.1.15.

Affected Packages1 packages

▶CVEListV5themeum/wp_crowdfunding2.1.15

🔴Vulnerability Details

GHSA

GHSA-hp5h-mhh6-jhx4: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum WP Crowdfunding allows Stored XSS↗2025-04-01

▶

CVEList

WordPress WP Crowdfunding plugin <= 2.1.15 - Cross Site Scripting (XSS) vulnerability↗2025-04-01

▶