CVE-2025-3704 Information

Description

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in DBAR Productions Volunteer Sign Up Sheets allows Stored XSS.This issue affects Volunteer Sign Up Sheets: from n/a before 5.5.5.

The patch is available exclusively on GitHub at https://github.com/dbarproductions/pta-volunteer-sign-up-sheets as the vendor encounters difficulties using SVN to deploy to the WordPress.org repository.

Reference

https://github.com/dbarproductions/pta-volunteer-sign-up-sheets/archive/refs/tags/5.5.5.zip https://patchstack.com/database/wordpress/plugin/pta-volunteer-sign-up-sheets/vulnerability/wordpress-volunteer-sign-up-sheets-plugin-5-5-5-cross-site-scripting-xss-vulnerability?_s_id=cve