CVE-2025-15363

Published: Mar 18, 2026 Last Modified: Mar 18, 2026
ExploitDB:
Other exploit source:
Google Dorks:

Description

AI Translation Available

The Get Use APIs WordPress plugin before 2.0.10 executes imported JSON, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks under certain server configurations.

https://wpscan.com/vulnerability/428d08bb-5329-4406-a785-13…
https://wpscan.com/vulnerability/428d08bb-5329-4406-a785-131bae4ed085/