CVE-2025-14316

Name of the Vulnerable Software and Affected Versions AhaChat Messenger Marketing WordPress plugin versions through 1.1

Description The plugin does not properly sanitize and escape a parameter before displaying it on the page, which can lead to a Reflected Cross-Site Scripting issue. This could potentially be used to compromise accounts with high privileges, such as administrators. The issue involves improper handling of user-supplied input, allowing malicious scripts to be injected into the web page.

Recommendations Update the AhaChat Messenger Marketing WordPress plugin to a version later than 1.1.