CVE-2025-31733
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Published Apr 1, 2025
CWE ID 79
Summary
CVE-2025-31733 is a Cross-site Scripting (XSS) vulnerability affecting Boot Div WP Sitemap. The issue arises from improper neutralization of user input during web page generation. An attacker can exploit this vulnerability to inject malicious scripts into the affected website. This stored XSS (StXSS) vulnerability exists in versions of WP Sitemap from n/a through 1.0.0 and poses a significant risk to websites using this plugin, potentially leading to data theft or unauthorized access.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.