Cross-site Scripting Risk in Timeline Event History by WordPress
CVE-2025-31595
6.5MEDIUM
What is CVE-2025-31595?
A Cross-site Scripting (XSS) vulnerability in the Timeline Event History plugin for WordPress allows attackers to inject malicious scripts into web pages viewed by users. This issue affects versions from n/a through 3.2, enabling the possibility of stored XSS attacks, potentially compromising user data and security.
Affected Version(s)
Timeline Event History <= 3.2