CVE-2025-24564

Publication date

2025-02-14 12:44:34

Family

Patchstack

State

PUBLISHED

Description

Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability in aviplugins.com Contact Form With Shortcode allows Reflected XSS. This issue affects Contact Form With Shortcode: from n/a through 4.2.5.