CVE-2025-22827

Name of the Vulnerable Software and Affected Versions WP Joomag versions n/a through 2.5.2

Description The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting'. Specifically, WP Joomag allows DOM-Based XSS, which can be exploited.

Recommendations For WP Joomag versions n/a through 2.5.2, update to a version later than 2.5.2 to resolve the issue. As a temporary workaround, consider restricting access to potentially vulnerable DOM elements until a patch is available.