CVE-2025-15363

MEDIUM 5.9

Get Use APIs < 2.0.10 - Contributor+ Stored XSS

CVSS Score

5.9

EPSS Score

0.0%

EPSS Percentile

0th

The Get Use APIs WordPress plugin before 2.0.10 executes imported JSON, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks under certain server configurations.

Vendor	unknown
Product	get use apis
Published	Mar 18, 2026
Last Updated	Mar 18, 2026

Stay Ahead of the Next One

Get instant alerts for unknown get use apis

Be the first to know when new medium vulnerabilities affecting unknown get use apis are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Unknown / Get Use APIs

0 < 2.0.10

References

NVD ↗ CVE.org ↗ EPSS Data ↗

wpscan.com: https://wpscan.com/vulnerability/428d08bb-5329-4406-a785-131bae4ed085/

Credits

Ahmed Makawi WPScan