CVE-2025-24810

Name of the Vulnerable Software and Affected Versions Simple Image Sizes versions 3.2.3 and earlier

Description A cross-site scripting issue exists, allowing an arbitrary script to be executed on the web browser of a user with administrative privileges who accesses the settings screen. This can occur when the vulnerability is exploited.

Recommendations For versions 3.2.3 and earlier, update to a version later than 3.2.3 to resolve the issue. As a temporary workaround, consider restricting access to the settings screen for users with administrative privileges until a patch is available.