CVE-2025-31642

Name of the Vulnerable Software and Affected Versions Dasinfomedia WPCHURCH versions through 2.7.0

Description The software contains a flaw due to improper neutralization of input during web page generation, specifically a Reflected Cross-site Scripting (XSS) issue. This allows for the injection of malicious scripts into web pages. The affected component is susceptible to exploitation when processing user-supplied input without adequate sanitization. The API endpoint and vulnerable parameters are not specified.

Recommendations Update Dasinfomedia WPCHURCH to a version later than 2.7.0.