CVE-2025-11733

Vulnerability Description

The Footnotes Made Easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin settings in all versions up to, and including, 3.0.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Vulnerability Details

Published Date

November 04, 2025

Last Modified

November 04, 2025

Source

NVD

CVE-2025-11733

Vulnerability Description

Vulnerability Details

Discussion (0)

Add Comment