CVE-2025-63027 – WordPress WBC907 Core plugin

CVE ID : CVE-2025-63027

Published : Dec. 30, 2025, 4:03 p.m. | 20 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Webcreations907 WBC907 Core allows Stored XSS.This issue affects WBC907 Core: from n/a through 3.4.1.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-15262 – BiggiDroid Simple PHP CMS Site Logo edit.php unrestricted upload

CVE-2025-15258 – Edimax BR-6208AC Web-based Configuration formALGSetup redirect

CVE-2025-68950 – Magick’s failure to limit MVG mutual references forming a loop

CVE-2025-68926 – RustFS has a gRPC Hardcoded Token Authentication Bypass