Wpresidence Core allows hackers to inject malicious code into website

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.5

Wpresidence Core allows hackers to inject malicious code into website

CVE-2026-25463

Summary

Wpresidence Core has a security flaw that allows hackers to inject malicious code into your website, which can harm your users or steal their personal information. This issue affects Wpresidence Core versions 5.4.0 and earlier. You should update to the latest version to fix this security issue.

Original title

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpEstate Wpresidence Core wpresidence-core allows Stored XSS.This issue affects Wpresidence Cor...

Original description

nvd CVSS3.1 6.5

Vulnerability type

CWE-79 Cross-site Scripting (XSS)

https://patchstack.com/database/Wordpress/Plugin/wpresidence-core/vulnerability/...

Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026