CVE-2025-58703

Name of the Vulnerable Software and Affected Versions skyword Skyword API Plugin versions through 2.5.3

Description The skyword Skyword API Plugin contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting (XSS). This issue could potentially allow an attacker to inject malicious scripts into web pages viewed by other users. The vulnerability exists due to insufficient sanitization of user-supplied data before it is included in the generated web page. This could lead to the execution of arbitrary JavaScript code in the context of a user's browser.

Recommendations Update skyword Skyword API Plugin to a version later than 2.5.3.