CVE-2025-30898 Information

Description

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Mahdi Yousefi [MahdiY] ?????? ??? ? ??? ??????? (??? ?????? ? ??????? ??? ??????) allows Stored XSS. This issue affects ?????? ??? ? ??? ??????? (??? ?????? ? ??????? ??? ??????): from n/a through 4.2.3.

Reference

https://patchstack.com/database/wordpress/plugin/persian-woocommerce-shipping/vulnerability/wordpress-fzonh-hml-o-nkl-oo-mrs-st-sht-z-o-sf-rsh-motor-plugin-4-2-3-cross-site-scripting-xss-vulnerability?_s_id=cve

Related CNNVD

CNNVD-202508-1063 (Published: 2025-08-12)