CVE-2025-48321

Cross-Site Request Forgery (CSRF) vulnerability in dyiosah Ultimate twitter profile widget allows Stored XSS. This issue affects Ultimate twitter profile widget: from n/a through 1.0.

More information : https://patchstack.com/database/wordpress/plugin/ultimate-twitter-profile-widget/vulnerability/wordpress-ultimate-twitter-profile-widget-plugin-1-0-csrf-to-stored-xss-vulnerability?_s_id=cve