Cross-site Scripting Vulnerability in IGIT Related Posts With Thumb Image After Posts by phpaddicted
CVE-2025-46518

6.5MEDIUM

Key Information:

Vendor: WordPress
Status: Igit Related Posts With Thumb Image After Posts
Vendor: CVE Published:; 23 May 2025

What is CVE-2025-46518?

The IGIT Related Posts With Thumb Image After Posts plugin by phpaddicted is susceptible to a Cross-site Scripting (XSS) vulnerability that allows for the injection of malicious scripts into web pages. This vulnerability can be exploited by an attacker to store harmful content, affecting users and potentially compromising site integrity. The issue is present in versions of the plugin up to 4.5.3, presenting significant security risks for websites utilizing this plugin.

Affected Version(s)

IGIT Related Posts With Thumb Image After Posts <= 4.5.3

References

https://patchstack.com/database/wordpress/plugin/igit-rel...

vdb-entry

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 23, 2025
Vulnerability Reserved
Apr 24, 2025

Credit

johska (Patchstack Alliance)