CVE-2025-39514Cross-site Scripting in Forum

CWE-79Cross-site Scripting3 documents3 sources
Severity
N/A
No vector
EPSS
0.1%
top 66.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Asgaros Forum
Timeline
PublishedApr 16

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Asgaros Asgaros Forum asgaros-forum allows Stored XSS.This issue affects Asgaros Forum: from n/a through <= 3.2.1.

Affected Packages1 packages

CVEListV5asgaros/asgaros_forum3.2.1

🔴Vulnerability Details

2
CVEList
WordPress Asgaros Forum plugin <= 3.2.1 - Cross Site Scripting (XSS) vulnerability2025-04-16
GHSA
GHSA-5vpj-4f48-j8qc: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Asgaros Asgaros Forum allows Stored XSS2025-04-16
CVE-2025-39514 — Cross-site Scripting in Asgaros Forum | cvebase