How severe is CVE-2025-68887?

CVE-2025-68887 has a CVSS v3 score of 7.1 (HIGH).

CVE-2025-68887

7.1HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory wp-businessdirectory allows

Published: 1/8/2026Updated: 1/8/2026

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory wp-businessdirectory allows Reflected XSS.This issue affects WP-BusinessDirectory: from n/a through <= 3.1.5.

AI AnalysisPowered by AI

References

https://vdp.patchstack.com/database/Wordpress/Plugin/wp-businessdirectory/vulnerability/wordpress-wp-businessdirectory-plugin-3-1-3-cross-site-scripting-xss-vulnerability?_s_id=cve