Cross-site Scripting Vulnerability in Modern Footnotes by Prismtech Studios
CVE-2025-50049
6.5MEDIUM
What is CVE-2025-50049?
A stored Cross-site Scripting (XSS) vulnerability exists in the Modern Footnotes plugin, allowing attackers to inject malicious scripts during web page generation. This affects all versions from n/a to 1.4.19, potentially compromising site integrity and user security by executing unauthorized scripts in the context of an affected user's browser. Proper sanitization of input is critical to prevent exploitation of this vulnerability.
Affected Version(s)
Modern Footnotes <= 1.4.19