CVE-2025-24610

Name of the Vulnerable Software and Affected Versions Restrict Anonymous Access versions 1.2 and earlier

Description The issue is related to improper neutralization of input during web page generation, which can lead to Cross-site Scripting (XSS). Specifically, it is a Stored XSS vulnerability. This means that an attacker can inject malicious scripts into the website, which are then stored and executed when other users access the site.

Recommendations For versions 1.2 and earlier, consider disabling the functionality that allows user input to be stored and displayed on the web page until a patch is available. Restrict access to sensitive areas of the website to minimize the risk of exploitation. Avoid using the Restrict Anonymous Access plugin until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.