CVE-2025-14205 MEDIUM

CVE-2025-14205: code-projects Chamber of Commerce Membership Management System Your Info membership_profile.php cross site scripting

Vendor Code-Projects
Product Chamber of Commerce Membership Management System
Weakness CWE-79 · XSS
Published December 7, 2025
Last update December 8, 2025

CVSS base score

4.8/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

What the vulnerability does

01Description

A vulnerability was found in code-projects Chamber of Commerce Membership Management System 1.0. Impacted is an unknown function of the file /membership_profile.php of the component Your Info Handler. Performing manipulation of the argument Full Name/Address/City/State results in cross site scripting. The attack is possible to be carried out remotely. The exploit has been made public and could be used.

Key dates

02Disclosure timeline

December 7, 2025 CVE published
December 8, 2025 Record updated