NuytsTech Security

CVE-2025-68080

by ·

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Saad Iqbal User Avatar – Reloaded user-avatar-reloaded allows Stored XSS.This issue affects User Avatar – Reloaded: from n/a through <= 1.2.2. More information : https://vdp.patchstack.com/database/Wordpress/Plugin/user-avatar-reloaded/vulnerability/wordpress-user-avatar-reloaded-plugin-1-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve

Tags: