CVE-2025-53352: WordPress Grid Plus plugin <= 3.3 - Cross Site Scripting (XSS) vulnerability

Q: What is the severity of CVE-2025-53352?

CVE-2025-53352 has a medium severity rating due to its potential for Cross-site Scripting (XSS) attacks.

Q: How do I fix CVE-2025-53352?

To fix CVE-2025-53352, update the G5Theme Grid Plus plugin to version 3.4 or later.

Q: What type of vulnerability is CVE-2025-53352?

CVE-2025-53352 is a Cross-site Scripting (XSS) vulnerability stemming from improper neutralization of input.

Q: Which versions of G5Theme Grid Plus are affected by CVE-2025-53352?

CVE-2025-53352 affects G5Theme Grid Plus versions up to and including 3.3.

Q: What impact does CVE-2025-53352 have on users?

CVE-2025-53352 can allow attackers to execute malicious scripts in the context of users’ browsers.

Published Oct 22, 2025

Updated

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in G5Theme Grid Plus grid-plus allows Reflected XSS.This issue affects Grid Plus: from n/a through <= 3.3.

Affected Software

2 affected components

G5Theme Grid Plus<=3.3

WordPress Grid Plus plugin<=3.3

Event History

Oct 22, 2025

CVE Published

via MITRE·02:32 PM

Data Sourced

via MITRE·02:32 PM

DescriptionSeverityWeakness

Data Sourced

via NVD·03:15 PM

DescriptionSeverityWeakness

Frequently Asked Questions

What is the severity of CVE-2025-53352?

CVE-2025-53352 has a medium severity rating due to its potential for Cross-site Scripting (XSS) attacks.

How do I fix CVE-2025-53352?

To fix CVE-2025-53352, update the G5Theme Grid Plus plugin to version 3.4 or later.

What type of vulnerability is CVE-2025-53352?

CVE-2025-53352 is a Cross-site Scripting (XSS) vulnerability stemming from improper neutralization of input.

Which versions of G5Theme Grid Plus are affected by CVE-2025-53352?

CVE-2025-53352 affects G5Theme Grid Plus versions up to and including 3.3.

What impact does CVE-2025-53352 have on users?