July 1, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Microsoft Edge Vulnerabilities
April 4, 2025Critical Request Smuggling Flaw Found in Apache Traffic Server
April 4, 2025Multiple Microsoft Edge Vulnerabilities
April 4, 2025Critical Request Smuggling Flaw Found in Apache Traffic Server
April 4, 2025
Severity
High
Analysis Summary
CVE-2025-31901 CVSS:7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Digihood Digihood HTML Sitemap allows Reflected XSS. This issue affects Digihood HTML Sitemap: from n/a through 3.1.1.
CVE-2025-31900 CVSS:7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lexicata Lexicata allows Reflected XSS. This issue affects Lexicata: from n/a through 1.0.16.
CVE-2025-31899 CVSS:7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpshopee Awesome Logos allows Reflected XSS. This issue affects Awesome Logos: from n/a through 1.2.
CVE-2025-31898 CVSS:7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound MediaView allows Reflected XSS. This issue affects MediaView: from n/a through 1.1.2.
Impact
- Cross-Site Scripting
Indicators of Compromise
CVE
CVE-2025-31901
CVE-2025-31900
CVE-2025-31899
CVE-2025-31898
Affected Vendors
- WordPress
Affected Products
- Digihood Digihood HTML Sitemap - n/a
- lexicata Lexicata - n/a
- wpshopee Awesome Logos - n/a
- NotFound MediaView - n/a
Remediation
Update the WordPress plugin to the latest available version.