Cross-Site Scripting Vulnerability in Google AdSense for Responsive Design by The Plugin Factory
CVE-2025-67632

Currently unrated

Key Information:

Vendor

WordPress
Status
Google Adsense For Responsive Design – Gard
Vendor
CVE Published:
24 December 2025

What is CVE-2025-67632?

The vulnerability identified allows for DOM-Based Cross-Site Scripting (XSS) attacks in Google AdSense for Responsive Design by The Plugin Factory. By improperly neutralizing input during the web page generation process, attackers can inject malicious scripts into webpages, compromising user data and site integrity. This issue affects versions up to and including 2.23, making it crucial for users to update their plugins to safeguard against potential exploitation.

Affected Version(s)

Google AdSense for Responsive Design &#8211; GARD <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/goog...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Muhammad Nur Ibnu Hubab | Patchstack Bug Bounty Program
JSON
.
CVE-2025-67632 : Cross-Site Scripting Vulnerability in Google AdSense for Responsive Design by The Plugin Factory