Cross-site Scripting Vulnerability in QuanticaLabs CSS3 Vertical Web Pricing Tables
CVE-2025-52727
7.1HIGH
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 27 June 2025
What is CVE-2025-52727?
A Cross-site Scripting (XSS) vulnerability in QuanticaLabs CSS3 Vertical Web Pricing Tables allows attackers to inject malicious scripts into web pages. This flaw affects versions from n/a through 1.9, permitting reflected XSS, which can compromise user data and lead to unauthorized access. Website operators using the affected plugin should implement immediate remediation measures to protect against potential exploits.
Affected Version(s)
CSS3 Vertical Web Pricing Tables <= 1.9
References
CVSS V3.1
Score:
7.1
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) (Patchstack Alliance)