CVE-2025-12064 | WP2Social Auto Publish Plugin up to 2.4.7 on WordPress PostMessage cross site scripting

Inserito da Angelo Barbosa | Nov 7, 2025 | CVE

A vulnerability marked as problematic has been reported in WP2Social Auto Publish Plugin up to 2.4.7 on WordPress. Impacted is an unknown function of the component PostMessage Handler. Performing manipulation results in cross site scripting.

This vulnerability is known as CVE-2025-12064. Remote exploitation of the attack is possible. No exploit is available.

CVE-2025-12064 | WP2Social Auto Publish Plugin up to 2.4.7 on WordPress PostMessage cross site scripting

Post correlati

CVE-2023-3043 | AMI MegaRAC_SPx prior 12.7/13.6 BMC stack-based overflow

CVE-2023-52634 | Linux Kernel up to 6.7.3 DRM disable_otg_wa denial of service (ce29728ef648/2ce156482a6f)

CVE-2024-30051 | Microsoft Windows up to Server 2022 DWM Core Library heap-based overflow

CVE-2025-23848 | Daniel Powney Hotspots Analytics Plugin up to 4.0.12 on WordPress cross-site request forgery