CVE-2025-22586

The vulnerable software is WPEX Replace DB Urls, developed by Detlef Stöver. The vulnerability is an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS), which allows Reflected XSS. This issue affects WPEX Replace DB Urls versions from n/a through 0.4.0. The vulnerability has been assigned the CVE identifier CVE-2025-22586. There is no information provided about a public exploit or whether the vulnerability has been exploited by attackers. Additionally, there is no information about the number of Internet users that can be affected by the exploitation of this vulnerability. It is recommended to update WPEX Replace DB Urls to a version later than 0.4.0 to prevent potential attacks.

#WPEXReplaceDBUrls #CrossSiteScripting #XSS #ReflectedXSS #CVE202522586 #DetlefStöver #ImproperNeutralizationOfInput #WebPageGeneration #Vulnerability