Vulnerabilities and security researches forwc-dropi-integration wc-dropi-integration

Nov 10, 2025

CVE, Research URL: CVE-2025-53286
Home page URL: Security reports for Dropify
Application: Dropify
Date: Nov 06, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jhainey Milevis Dropify wc-dropi-integration allows Reflected XSS.This issue affects Dropify: from n/a through <= 4.6.9.
Affected versions: max 4.6.9.
Status: vulnerable