CVE Details
Basic Information
| Title | CVE-2025-43832 |
|---|---|
| Type | cve |
| Published | 2025-05-19T19:15:50 |
| Last Seen | 2025-05-19T19:18:50 |
CVSS Information
| Base Score | 7.1 (HIGH) |
|---|---|
| Attack Vector | NETWORK |
| Attack Complexity | LOW |
| Privileges Required | NONE |
| User Interaction | REQUIRED |
| Scope | CHANGED |
| Confidentiality Impact | LOW |
| Integrity Impact | LOW |
| Availability Impact | LOW |
AI Analysis
| AI Description | A reflected XSS vulnerability in the andreyk Remote Images Grabber plugin allows attackers to inject malicious scripts into web pages. This could lead to session hijacking or unauthorized actions. The vulnerability is moderately severe but may not be widely exploited due to the plugin’s niche usage. |
|---|---|
| AI Severity | Medium |
| Vendor | WordPress Community |
| Product | andreyk Remote Images Grabber |
| Affected Version | Unknown |
Additional Information
| CVE List | CVE-2025-43832 |
|---|---|
| CWE List | CWE-79 |
| Bulletin Family | cve |
Description
Improper Neutralization of Input During Web Page Generation (“Cross-site Scripting”) vulnerability in andreyk Remote Images Grabber allows Reflected XSS. This issue affects Remote Images Grabber: from…
CVSS Score Summary
Base Score: %!f(string=#) (HIGH)