CVE Details
Basic Information
| Title | CVE-2025-47611 |
|---|---|
| Type | cve |
| Published | 2025-05-23T13:15:40 |
| Last Seen | 2025-05-23T14:23:10 |
CVSS Information
| Base Score | 7.1 (HIGH) |
|---|---|
| Attack Vector | NETWORK |
| Attack Complexity | LOW |
| Privileges Required | NONE |
| User Interaction | REQUIRED |
| Scope | CHANGED |
| Confidentiality Impact | LOW |
| Integrity Impact | LOW |
| Availability Impact | LOW |
AI Analysis
| AI Description | A reflected Cross-site Scripting (XSS) vulnerability in the Khaled User Meta plugin allows attackers to inject malicious scripts into web pages. This affects versions up to 3.1.2 and could lead to unauthorized actions on behalf of users. |
|---|---|
| AI Severity | High |
| Vendor | WordPress Community |
| Product | Khaled User Meta |
| Affected Version | 3.1.2 |
Additional Information
| CVE List | CVE-2025-47611 |
|---|---|
| CWE List | CWE-79 |
| Bulletin Family | cve |
Description
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Khaled User Meta allows Reflected XSS. This issue affects User Meta: from n/a through 3.1.2.
CVSS Score Summary
Base Score: %!f(string=#) (HIGH)