CVE-2025-39431

Publication date

2025-04-17 15:16:59

Family

Patchstack

State

PUBLISHED

Description

Cross-Site Request Forgery (CSRF) vulnerability in Aaron Forgue Amazon Showcase WordPress Plugin allows Stored XSS. This issue affects Amazon Showcase WordPress Plugin: from n/a through 2.2.