CVE-2025-50014

Name of the Vulnerable Software and Affected Versions: iamapinan PDPA Consent for Thailand versions 1.1.1 and earlier

Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject malicious scripts into the web page, potentially leading to unauthorized access or data theft.

Recommendations: For versions 1.1.1 and earlier, update to a version that fixes the Stored XSS issue to prevent exploitation. As a temporary workaround, consider restricting user input to prevent malicious scripts from being injected into the web page. Avoid using the vulnerable version of iamapinan PDPA Consent for Thailand until a patch is available.