CVE-2025-28905

Name of the Vulnerable Software and Affected Versions: Chaser324 Featured Posts Grid versions 1.7 and earlier

Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting (XSS). This means that an attacker can inject malicious scripts into the website, potentially affecting users who access the compromised page.

Recommendations: For Chaser324 Featured Posts Grid versions 1.7 and earlier, update to a version that addresses the Stored XSS issue, as no specific fix is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.