CVE-2025-26575 Information

Description

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Kyle Maurer Display Post Meta allows Reflected XSS. This issue affects Display Post Meta: from n/a through 2.4.4.

Reference

https://patchstack.com/database/wordpress/plugin/display-post-meta/vulnerability/wordpress-display-post-meta-plugin-1-5-cross-site-scripting-xss-vulnerability?_s_id=cve