Cross-Site Scripting Vulnerability in Truong Thanh ATP Call Now
CVE-2025-50024
5.9MEDIUM
What is CVE-2025-50024?
The Truong Thanh ATP Call Now plugin is susceptible to a Cross-Site Scripting (XSS) vulnerability that can lead to Stored XSS. This weakness allows attackers to inject malicious scripts into web pages, compromising user interactions and data integrity. The flaw is present in versions from n/a to 1.0.3, underscoring the importance of proper input handling during web page generation to mitigate possible attacks.
Affected Version(s)
ATP Call Now <= 1.0.3