Cross-site Scripting Vulnerability in SdeWijs Zoomify Embed for WP
CVE-2025-58863
6.5MEDIUM
What is CVE-2025-58863?
The SdeWijs Zoomify embed for WP plugin is susceptible to a Cross-site Scripting (XSS) vulnerability due to improper input neutralization during web page generation. This flaw allows an attacker to inject malicious scripts that can be stored and executed in a user's browser session, potentially compromising sensitive user data and website integrity. Users of affected versions, from n/a to 1.5.2, should take immediate action to mitigate risks.
Affected Version(s)
Zoomify embed for WP <= 1.5.2