CVE-2025-31465

{"id": "CVE-2025-31465", "cveTags": [], "metrics": {}, "published": "2025-03-28T12:15:19.237", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/better-section-navigation/vulnerability/wordpress-better-section-navigation-widget-1-6-1-cross-site-scripting-xss-vulnerability?_s_id=cve", "source": "audit@patchstack.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "audit@patchstack.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cornershop Better Section Navigation Widget better-section-navigation allows Stored XSS.This issue affects Better Section Navigation Widget: from n/a through <= 1.6.1."}, {"lang": "es", "value": "La vulnerabilidad de Neutralizaci\u00f3n Incorrecta de Etiquetas HTML Relacionadas con Scripts en una P\u00e1gina Web (XSS B\u00e1sico) en cornershop Better Section Navigation Widget permite XSS Almacenado. Este problema afecta al Widget de Navegaci\u00f3n de Mejor Secci\u00f3n desde n/d hasta la versi\u00f3n 1.6.1."}], "lastModified": "2026-04-01T17:21:09.840", "sourceIdentifier": "audit@patchstack.com"}