← Back to CVE List
CVE-2025-24564
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aviplugins.com Contact Form With Shortcode allows Reflected XSS. This issue affects Contact Form With Shortcode: from n/a through 4.2.5.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt