CVE Details
Basic Information
| Title |
CVE-2025-39407 |
| Type |
cve |
| Published |
2025-05-19T19:15:49 |
| Last Seen |
2025-05-19T19:18:50 |
CVSS Information
| Base Score |
7.1 (HIGH) |
| Attack Vector |
NETWORK |
| Attack Complexity |
LOW |
| Privileges Required |
NONE |
| User Interaction |
REQUIRED |
| Scope |
CHANGED |
| Confidentiality Impact |
LOW |
| Integrity Impact |
LOW |
| Availability Impact |
LOW |
AI Analysis
| AI Description |
A reflected Cross-site Scripting (XSS) vulnerability in MemberPress allows attackers to inject malicious scripts, potentially stealing user data or taking control of user sessions. This issue is moderately severe and requires user interaction. |
| AI Severity |
High |
| Vendor |
WordPress Community |
| Product |
Memberpress |
| Affected Version |
|
Additional Information
| CVE List |
CVE-2025-39407 |
| CWE List |
CWE-79 |
| Bulletin Family |
cve |
Description
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Caseproof, LLC Memberpress allows Reflected XSS. This issue affects…
CVSS Score Summary
Base Score: %!f(string=#) (HIGH)
View Full CVE Details
