CVE-2025-9115 | Frédéric Sheedy Etsy Shop Plugin up to 3.0.6 on WordPress $_SERVER[‘REQUEST_URI’] cross site scripting

A vulnerability was found in Frédéric Sheedy Etsy Shop Plugin up to 3.0.6 on WordPress. It has been classified as problematic. The impacted element is an unknown function. The manipulation of the argument $_SERVER[‘REQUEST_URI’] leads to cross site scripting.

This vulnerability is documented as CVE-2025-9115. The attack can be initiated remotely. There is not any exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More