Cross-Site Scripting Vulnerability in Saleswonder Team WP2LEADS Plugin

CVE-2025-30827

What is CVE-2025-30827?

A Cross-Site Scripting (XSS) vulnerability has been identified in the Saleswonder Team WP2LEADS plugin, allowing an attacker to inject malicious scripts into web pages displayed to users. This vulnerability occurs due to improper neutralization of user input during web page generation, potentially leading to reflected XSS attacks. Versions from n/a through 3.4.5 of WP2LEADS are affected, posing significant risks to web application integrity and user data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References