PT-2026-26029 · WordPress · Get Use Apis
Ahmed Makawi
·
Published
2026-03-18
·
Updated
2026-03-18
·
CVE-2025-15363
CVSS v3.1
5.9
Medium
| Vector | AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Get Use APIs WordPress plugin versions prior to 2.0.10
Description
The Get Use APIs WordPress plugin executes imported JSON, potentially enabling Cross-Site Scripting (XSS) attacks. Users with a contributor role or higher may be able to perform these attacks under specific server configurations.
Recommendations
Update the Get Use APIs WordPress plugin to version 2.0.10 or later.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Get Use Apis