How severe is CVE-2025-68874?

CVE-2025-68874 has a CVSS v3 score of 7.1 (HIGH).

CVE-2025-68874

7.1HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shahjada Visitor Stats Widget visitor-stats-widget allows Reflected XSS.This issue affects Visitor

Publicado: 1/8/2026Actualizado: 1/8/2026

Descripción

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shahjada Visitor Stats Widget visitor-stats-widget allows Reflected XSS.This issue affects Visitor Stats Widget: from n/a through <= 1.5.0.

Análisis IAImpulsado por IA

Referencias

https://vdp.patchstack.com/database/Wordpress/Plugin/visitor-stats-widget/vulnerability/wordpress-visitor-stats-widget-plugin-1-5-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve