CVE Details
Basic Information
| Title | CVE-2025-31027 |
|---|---|
| Type | cve |
| Published | 2025-05-19T20:15:21 |
| Last Seen | 2025-05-19T20:23:57 |
CVSS Information
| Base Score | 7.1 (HIGH) |
|---|---|
| Attack Vector | NETWORK |
| Attack Complexity | LOW |
| Privileges Required | NONE |
| User Interaction | REQUIRED |
| Scope | CHANGED |
| Confidentiality Impact | LOW |
| Integrity Impact | LOW |
| Availability Impact | LOW |
AI Analysis
| AI Description | A Reflected Cross-Site Scripting (XSS) vulnerability in the Tiger plugin by jocoxdesign allows attackers to inject malicious scripts into web pages. This can lead to session hijacking or unauthorized actions on behalf of the user. The vulnerability affects versions of Tiger up to 2.0. |
|---|---|
| AI Severity | High |
| Vendor | WordPress Community |
| Product | Tiger |
| Affected Version | 2.0 and below |
Additional Information
| CVE List | CVE-2025-31027 |
|---|---|
| CWE List | CWE-79 |
| Bulletin Family | cve |
Description
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in jocoxdesign Tiger tiger allows Reflected XSS. This issue affects Tiger: from n/a through 2.0.
CVSS Score Summary
Base Score: %!f(string=#) (HIGH)