CVE-2025-58223

Name of the Vulnerable Software and Affected Versions VoucherPress versions through 1.5.7

Description The software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting (XSS). This means that malicious scripts can be injected into web pages and executed by unsuspecting users. The affected component allows an attacker to inject malicious code through web pages.

Recommendations Update VoucherPress to a version later than 1.5.7.