CVE-2025-24731

Medium CVSS: 4.8

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IP2Location Download IP2Location Country Blocker ip2location-country-blocker allows Stored XSS.This issue affects Download IP2Location Country Blocker: from n/a through <= 2.38.3.

Vendor

Ip2location

Product

Country Blocker

CWE

CWE-79

Yayın Tarihi

2025-01-24 18:15:47

Güncelleme

2026-04-01 17:18:10

Source Identifier

audit@patchstack.com

KEV Date Added

Kategoriler

CWE-79 Country Blocker MEDIUM Ip2location 2025

Referanslar

https://patchstack.com/database/Wordpress/Plugin/ip2location-country-blocker/vulnerability/wordpress-ip2location-country-blocker-plugin-2-38-3-cross-site-scripting-xss-vulnerability?_s_id=cve