CVE-2025-23550 – WordPress Product Puller plugin

CVE ID : CVE-2025-23550

Published : Dec. 29, 2025, 11:50 p.m. | 33 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Kemal YAZICI Product Puller allows Reflected XSS.This issue affects Product Puller: from n/a through 1.5.1.

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…