Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IP2Location Download IP2Location Country Blocker allows Stored XSS. This issue affects Download IP2Location Country Blocker: from n/a through 2.38.3.
Metrics
Affected Vendors & Products
Fixes
Solution
Update the WordPress Download IP2Location Country Blocker wordpress plugin to the latest available version (at least 2.38.4).
Workaround
No workaround given by the vendor.
References
History
Tue, 12 Aug 2025 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Ip2location
Ip2location country Blocker |
|
CPEs | cpe:2.3:a:ip2location:country_blocker:*:*:*:*:*:wordpress:*:* | |
Vendors & Products |
Ip2location
Ip2location country Blocker |
Fri, 24 Jan 2025 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IP2Location Download IP2Location Country Blocker allows Stored XSS. This issue affects Download IP2Location Country Blocker: from n/a through 2.38.3. | |
Title | WordPress IP2Location Country Blocker plugin <= 2.38.3 - Cross Site Scripting (XSS) vulnerability | |
Weaknesses | CWE-79 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2025-02-12T20:01:17.341Z
Reserved: 2025-01-23T14:52:44.768Z
Link: CVE-2025-24731

No data.

Status : Analyzed
Published: 2025-01-24T18:15:47.370
Modified: 2025-08-12T16:22:18.717
Link: CVE-2025-24731

No data.

No data.