CVE-2025-0687

Name of the Vulnerable Software and Affected Versions: Spiritual Gifts Survey WordPress plugin versions 0.9.10 and earlier

Description: The issue concerns a Reflected Cross-Site Scripting problem. It arises because a parameter is not properly sanitized and escaped before being output back in the page. This could be exploited against unauthenticated users.

Recommendations: For Spiritual Gifts Survey WordPress plugin versions 0.9.10 and earlier, update to a version that properly sanitizes and escapes parameters to prevent Cross-Site Scripting. At the moment, there is no information about a newer version that contains a fix for this vulnerability.