CVE-2025-39549

Published: 2025-04-16T13:15:47.847

Last Modified: 2025-04-16T13:25:37.340

Source: MITRE CVE List

License: MITRE-CVE-TOS

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in whiletrue Most And Least Read Posts Widget allows Stored XSS. This issue affects Most And Least Read Posts Widget: from n/a through 2.5.20. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt