๐Ÿ” CVE Alert

CVE-2025-25137

UNKNOWN 0.0

WordPress Social Links plugin <= 1.0.11 - Stored Cross-Site Scripting vulnerability

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

Cross-Site Request Forgery (CSRF) vulnerability in kareemsultan Social Links social-links allows Stored XSS.This issue affects Social Links: from n/a through <= 1.0.11.

CWE CWE-352
Vendor kareemsultan
Product social links
Published Mar 3, 2025
Last Updated Apr 1, 2026
Stay Ahead of the Next One

Get instant alerts for kareemsultan social links

Be the first to know when new unknown vulnerabilities affecting kareemsultan social links are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

kareemsultan / Social Links
0 โ‰ค 1.0.11

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
patchstack.com: https://patchstack.com/database/Wordpress/Plugin/social-links/vulnerability/wordpress-facilita-form-tracker-plugin-1-0-csrf-to-stored-xss-vulnerability-2?_s_id=cve

Credits

Abdi Pranata | Patchstack Bug Bounty Program