CVE-2025-57986

Name of the Vulnerable Software and Affected Versions husani WP Subtitle versions through 3.4.1

Description The software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-Site Scripting (XSS). This means that malicious code can be injected into the website and executed by other users. The vulnerability allows an attacker to inject malicious scripts into web pages. The vulnerable component is susceptible to Stored XSS attacks.

Recommendations Update to a version later than 3.4.1