CVE-2025-48312

Name of the Vulnerable Software and Affected Versions WPAvatar versions through 1.9.3

Description The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-Site Scripting (XSS).

Recommendations Update WPAvatar to a version later than 1.9.3.