Cross-site Scripting Vulnerability in Likert Survey Master by Bob Likert
CVE-2025-53426

7.1HIGH

Key Information:

Vendor: WordPress
Status: Likert Survey Master
Vendor: CVE Published:; 22 October 2025

What is CVE-2025-53426?

The Likert Survey Master plugin by Bob Likert is vulnerable to a Cross-site Scripting (XSS) issue due to improper handling of user input during web page generation. This vulnerability can allow attackers to inject malicious scripts into web pages viewed by users, which may lead to unauthorized actions and data theft. All versions of the plugin up to and including 0.8.0.1 are affected, necessitating immediate attention to mitigate potential exploitation.

Affected Version(s)

Likert Survey Master <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/like...

vdb-entry

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 22, 2025
Vulnerability Reserved
Jun 30, 2025

Credit

Nguyen Xuan Chien (Patchstack Alliance)

JSON