CVE Catalog
CVE-2025-15658
MediumCVSS 5.9Exploitation Probability (EPSS)
Low risk0.14%
4th percentile — higher than 4% of all known CVEs
Summary
There is a Cross Site Scripting (XSS) vulnerability in WP Emmet versions <= 0.3.4 that can be exploited by administrators.
Risk Assessment
An attacker could exploit this vulnerability to inject malicious code, potentially leading to data theft or session hijacking of the administrator.
Recommendation
It is recommended to update WP Emmet to the latest version to mitigate this vulnerability.
Original NVD description (English source)
Administrator Cross Site Scripting (XSS) in WP Emmet <= 0.3.4 versions.

