Cross-site Scripting Vulnerability in Dropdown Multisite Selector by WordPress
CVE-2025-31090
6.5MEDIUM
What is CVE-2025-31090?
A Cross-site Scripting vulnerability exists in the Dropdown Multisite Selector for WordPress, allowing attackers to inject malicious scripts through improperly sanitized input during web page generation. This vulnerability could enable stored attacks, affecting users who load compromised pages. Website administrators should ensure that they update to the latest secure version to mitigate this risk and safeguard user interactions.
Affected Version(s)
Dropdown Multisite selector < 0.9.4