logo

Database

Reflected cross-site scripting (XSS) In drupal/plausible_tracking

Description

Drupal Plausible tracking is vulnerable to XSS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Plausible tracking allows Cross-Site Scripting (XSS). This issue affects Plausible tracking: from 0.0.0 before 1.0.2.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2025-109272. NVD-2025-109273. OSV-2025-109274. GCVE-2025-109275. drupal.org

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.