CVE-2025-49909 | Penci Bookmark & Follow Plugin up to 2.3 on WordPress cross site scripting

A vulnerability identified as problematic has been detected in Penci Bookmark & Follow Plugin up to 2.3 on WordPress. This impacts an unknown function. This manipulation causes cross site scripting.

This vulnerability appears as CVE-2025-49909. The attack may be initiated remotely. There is no available exploit.

You should upgrade the affected component.VulDB Recent EntriesRead More