CVE-2025-5084

Name of the Vulnerable Software and Affected Versions Post Grid Master versions prior to 3.4.14

Description The Post Grid Master plugin for WordPress is susceptible to Reflected Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows unauthenticated attackers to inject arbitrary web scripts into pages, potentially executing if a user is tricked into performing an action, such as clicking a link. The vulnerability resides in the argsArray['read more text'] parameter.

Recommendations Update Post Grid Master to version 3.4.14 or later.