Share:

CVE-2025-46226

Moderate 6.5

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ferranfg MPL-Publisher allows Stored XSS. This issue affects MPL-Publisher: from n/a through 2.18.0.

Published April 22, 2025.

Affected software

Mpl-publisher Mpl-publisher

Get alerts for Mpl-publisher Mpl-publisher

Reference links

https://patchstack.com/database/wordpress/plugin/mpl-publisher/vulnerability/wordpress-mpl-publisher-2-18-0-cross-site-scripting-xss-vulnerability?_s_id=cve