CVE Alert: CVE-2025-5921

August 3, 2025
image 1

Vulnerability Summary: CVE-2025-5921

The SureForms WordPress plugin before 1.7.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against both authenticated and unauthenticated users.

Affected Endpoints:

No affected endpoints listed.

Published Date:

8/1/2025, 6:15:29 AM

⚠️ CVSS Score:

CVSS v3 Score: 5.8 (Medium)

Exploit Status:

Not Exploited

EPS Score: 0.00023 | Ranking EPS: 0.0467

References:

Recommended Action:

No proposed action available. Please refer to vendor documentation for updates.

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

Buy Me A Coffee
Patreon

To keep up to date follow us on the below channels.

Tags: , ,

You may have missed

292e9ac3d880de2ea1aab77111a7c2019f5031b86a49759ea881f95ad0d58a27

Make Redmond Angry By Setting Up Windows 11 With A Local Account

August 7, 2025
ec84f4efad0cf7c8809b7d905b5620890adcd64619b60cf3fbd692e810bf17ca

Microsoft Promises To Eventually Make Winui ‘truly Open Source’

August 7, 2025
image

CVE Alert: CVE-2024-55402

August 7, 2025
image

CVE Alert: CVE-2024-55398

August 7, 2025
image

CVE Alert: CVE-2025-51054

August 7, 2025