CVE-2025-13311 | Just Highlight Plugin up to 1.0.3 on WordPress Setting Highlight Color cross site scripting

Inserito da Angelo Barbosa | Nov 25, 2025 | CVE

A vulnerability labeled as problematic has been found in Just Highlight Plugin up to 1.0.3 on WordPress. Affected by this vulnerability is an unknown functionality of the component Setting Handler. Such manipulation of the argument Highlight Color leads to cross site scripting.

This vulnerability is documented as CVE-2025-13311. The attack can be executed remotely. There is not any exploit available.

CVE-2025-13311 | Just Highlight Plugin up to 1.0.3 on WordPress Setting Highlight Color cross site scripting

Post correlati

CVE-2025-25973 | Ppress 0.0.9 Related Recommendations article.category article.title/article.category/article.tags cross site scripting

CVE-2024-40723 | CHANGING Information Technology HWATAIServiSign prior 1.0.24.0219 on Windows API stack-based overflow

CVE-2025-64202 | TieLabs Sahifa Plugin up to 5.8.6 on WordPress cross site scripting

CVE-2024-24815 | CKeditor4 up to 4.23.x HTML Parsing Module cross site scripting (GHSA-fq6h-4g8v-qqvm)