CVE-2025-31595

Name of the Vulnerable Software and Affected Versions wpdiscover Timeline Event History versions 3.2 and earlier

Description The issue is related to improper neutralization of input during web page generation, which leads to a Stored Cross-site Scripting (XSS) vulnerability. This allows for the storage of malicious scripts in the Timeline Event History, potentially affecting users who access the affected pages.

Recommendations For versions 3.2 and earlier, update to a version that includes a fix for this issue, as no specific workaround is provided for these versions. As a temporary workaround, consider restricting access to the Timeline Event History feature until a patch is available. Avoid using the Timeline Event History feature until the issue is resolved.