CVE-2025-23960

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in basteln3rk Save & Import Image from URL allows Reflected XSS. This issue affects Save & Import Image from URL: from n/a through 0.7.

Affected Software
References

There are no affected software configurations available.

https://patchstack.com/database/wordpress/plugin/save-import-image-from-url/vulnerability/wordpress-save-import-image-from-url-plugin-0-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve

CVE: CVE-2025-23960
Published: Jan 23, 2025
Updated: May 4, 2025
Exploit:

CWE-79

A7 - Cross-Site Scripting (XSS)

CVE-2025-23960

Description

Details

CWEs

OWASP TOP 10