CVE-2025-50042

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aviplugins.com WP Register Profile With Shortcode allows Stored XSS. This issue affects WP Register Profile With Shortcode: from n/a through 3.6.1.

References

https://patchstack.com/database/wordpress/plugin/wp-register-profile-with-shortcode/vulnerability/wordpress-wp-register-profile-with-shortcode-plugin-3-6-1-cross-site-scripting-xss-vulnerability?_s_id=cve

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3

EPSS