CVE-2025-12580 | SMS Plugin up to 1.1.8 on WordPress paged cross site scripting

Inserito da Angelo Barbosa | Nov 4, 2025 | CVE

A vulnerability has been found in SMS Plugin up to 1.1.8 on WordPress and classified as problematic. The impacted element is an unknown function. Performing manipulation of the argument paged results in cross site scripting.

This vulnerability was named CVE-2025-12580. The attack may be initiated remotely. There is no available exploit.

CVE-2025-12580 | SMS Plugin up to 1.1.8 on WordPress paged cross site scripting

Post correlati

CVE-2023-6397 | Zyxel ATP/USG FLEX RAR File null pointer dereference

CVE-2025-52449 | Salesforce Tableau Server prior 2023.3.19/2024.2.12/2025.1.3 on Windows/Linux Extensible Protocol Service unrestricted upload

CVE-2024-5384 | SourceCodester Facebook News Feed Like 1.0 index.php page sql injection

CVE-2024-23380 | Qualcomm Snapdragon up to WSA8845H User Packet use after free