Cross-site Scripting Vulnerability in Status Updater by devu
CVE-2025-25124

7.1 HIGH

Key Information:

Vendor: WordPress
CVE Published: 3 March 2025

What is CVE-2025-25124?

The Status Updater plugin by devu contains a reflected cross-site scripting (XSS) vulnerability: input is not properly handled during web page generation, which allows malicious scripts to be injected into the generated page. Exploitation can affect user sessions and data integrity. Users of the affected versions should implement security measures to mitigate the associated risks.

Affected Version(s)

Status Updater <= 1.9.2

CVSS V3.1

Score: 7.1
Severity: HIGH
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Abdi Pranata (Patchstack Alliance)