CVE-2025-4369 | Companion Auto Update Plugin up to 3.9.2 on WordPress update_delay_days cross site scripting

July 15, 2025 Yanac

A vulnerability, which was classified as problematic, was found in Companion Auto Update Plugin up to 3.9.2 on WordPress. This affects an unknown part. The manipulation of the argument update_delay_days leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-4369. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More