Cross-site Scripting Vulnerability in Debashish IFrame Widget by WordPress
CVE-2025-30939
5.9MEDIUM
What is CVE-2025-30939?
The Debashish IFrame Widget contains an improper neutralization of input vulnerability during web page generation, leading to a stored Cross-site Scripting (XSS) issue. When exploited, this vulnerability could allow an attacker to inject malicious scripts into the pages viewed by users, potentially compromising their data and security. The issue affects IFrame Widget from an unspecified version up to 4.1, making it crucial for users to evaluate their installations and apply necessary security measures.
Affected Version(s)
IFrame Widget <= 4.1