CVE-2025-68080 | Saad Iqbal User Avatar Plugin up to 1.2.2 on WordPress cross site scripting

December 16, 2025 Yanac

A vulnerability has been found in Saad Iqbal User Avatar Plugin up to 1.2.2 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-68080. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More