CVE-2025-9487 | wpase Admin and Site Enhancements Plugin up to 7.9.7 on WordPress SVG File Parser xmlrpc.php cross site scripting

A vulnerability was found in wpase Admin and Site Enhancements Plugin up to 7.9.7 on WordPress and classified as problematic. The affected element is an unknown function of the file xmlrpc.php of the component SVG File Parser. Executing manipulation can lead to cross site scripting.

This vulnerability is registered as CVE-2025-9487. It is possible to launch the attack remotely. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More