CVE-2025-54668Cross-site Scripting in Iqbal Mycred

CWE-79Cross-site Scripting3 documents3 sources
Severity
N/A
No vector
EPSS
0.0%
top 90.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Saad Iqbal Mycred
Timeline
PublishedAug 14

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saad Iqbal myCred mycred allows Stored XSS.This issue affects myCred: from n/a through <= 2.9.4.3.

Affected Packages1 packages

CVEListV5saad_iqbal/mycred2.9.4.3

🔴Vulnerability Details

2
CVEList
WordPress myCred plugin <= 2.9.4.3 - Cross Site Scripting (XSS) Vulnerability2025-08-14
GHSA
GHSA-628h-hvg9-cv4c: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saad Iqbal myCred allows Stored XSS2025-08-14
CVE-2025-54668 — Cross-site Scripting in Iqbal Mycred | cvebase