CVE-2025-39409

Name of the Vulnerable Software and Affected Versions: WordPress Video Robot - The Ultimate Video Importer versions 1.20.0 and earlier

Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for malicious scripts to be injected into web pages. No information is provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited.

Recommendations: For WordPress Video Robot - The Ultimate Video Importer versions 1.20.0 and earlier, update to a version later than 1.20.0 to resolve the issue.