CVE-2025-14554 | hayyatapps Sell BTC Plugin up to 1.5 on WordPress Orders Page orderform_data cross site scripting

Inserito da Angelo Barbosa | Gen 31, 2026 | CVE

A vulnerability labeled as problematic has been found in hayyatapps Sell BTC Plugin up to 1.5 on WordPress. This affects the function orderform_data of the component Orders Page. The manipulation results in cross site scripting.

This vulnerability is identified as CVE-2025-14554. The attack can be executed remotely. There is not any exploit available.

The affected component should be upgraded.

CVE-2025-14554 | hayyatapps Sell BTC Plugin up to 1.5 on WordPress Orders Page orderform_data cross site scripting

Post correlati

CVE-2023-50443 | PRIMX CRYHOD prior 2020.4/2023.5 on Windows UNC Reference access control

CVE-2024-12968 | code-projects Job Recruitment 1.0 /_parse/_all_edits.php edit_jobpost jobtype sql injection

CVE-2025-1747 | OpenCart up to 4.0.x /account/login name cross site scripting

CVE-2024-48984 | MBed OS 6.16.0 HCI Parsing buffer overflow