CVE-2025-25916

Name of the Vulnerable Software and Affected Versions wuzhicms version 4.1.0

Description The issue is a Cross Site Scripting (XSS) vulnerability in the del function located in coreframeappmemberadmingroup.php. This vulnerability can be exploited to execute malicious scripts on the victim's browser.

Recommendations For wuzhicms version 4.1.0, consider disabling the del function in coreframeappmemberadmingroup.php until a patch is available. Restrict access to the vulnerable file to minimize the risk of exploitation. Avoid using the del function in the affected PHP file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.