The Get Use APIs WordPress plugin before 2.0.10 executes imported JSON, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks under certain server configurations.
CVE-2025-15363
NONE
Updated Mar 18, 2026
WordPress
CVE Details
CVE ID
CVE-2025-15363
Published Date
Mar 18, 2026
Vendor
WordPress
Severity
NONE
Impact
Minimal impact
Source
View Advisory