How severe is CVE-2025-67927?

CVE-2025-67927 has a CVSS v3 score of 6.1 (MEDIUM).

CVE-2025-67927

6.1MEDIUM

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spencer Haws Link Whisper Free link-whisper allows Reflected XSS.This issue affects Link Whisper F

Published: 1/8/2026Updated: 1/8/2026

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spencer Haws Link Whisper Free link-whisper allows Reflected XSS.This issue affects Link Whisper Free: from n/a through <= 0.8.8.

AI AnalysisPowered by AI

References

https://vdp.patchstack.com/database/Wordpress/Plugin/link-whisper/vulnerability/wordpress-link-whisper-free-plugin-0-8-8-cross-site-scripting-xss-vulnerability?_s_id=cve