CVE-2025-22314

The vulnerable software is WP Scripts Food Store – Online Food Delivery & Pickup, with versions from n/a through 1.5.1 being affected. The vulnerability is an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS), which allows Reflected XSS. This means that an attacker can inject malicious code into the website, potentially stealing user data or taking control of user sessions. There is a public reference to this vulnerability, CVE-2025-22314, and it is mentioned that the issue affects the specified versions of the Food Store plugin. However, there is no information provided about whether this vulnerability has been exploited by attackers or how many Internet users can be affected. It is essential for users of the affected plugin versions to update to a patched version to prevent potential attacks 🚨. #WPScripts #FoodStore #CrossSiteScripting #XSS #CVE202522314 #ReflectedXSS #Vulnerability #WordPressPlugin #SecurityRisk