CVE-2025-60147

Name of the Vulnerable Software and Affected Versions HT Feed versions through 1.3.0

Description The HT Feed plugin contains a flaw related to improper input handling during web page creation, which allows for Stored Cross-site Scripting (XSS). This means an attacker could inject malicious scripts into web pages viewed by other users. The issue allows for the execution of arbitrary code within the context of a user's browser.

Recommendations Update HT Feed to a version later than 1.3.0.