Cross-Site Scripting Vulnerability in ThimPress WP Pipes Plugin
CVE-2025-28977
7.1HIGH
What is CVE-2025-28977?
A reflected Cross-Site Scripting (XSS) vulnerability exists in the WP Pipes plugin by ThimPress, allowing attackers to inject malicious scripts into web pages viewed by users. This can lead to unauthorized access and exploitation of sensitive information, making it crucial for users of WP Pipes versions through 1.4.3 to apply necessary security measures.
Affected Version(s)
WP Pipes <= 1.4.3