CVE-2025-28914

Name of the Vulnerable Software and Affected Versions: Ajay Sharma wordpress login form to anywhere versions n/a through 0.2

Description: The issue is related to improper neutralization of input during web page generation, which allows for Cross-site Scripting (XSS). Specifically, it enables Stored XSS. This problem affects the WordPress login form.

Recommendations: For versions n/a through 0.2, consider disabling the login form functionality until a patch is available to prevent exploitation. Restrict access to the login form to minimize the risk of Stored XSS attacks. Avoid using the vulnerable login form until the issue is resolved.