CVE-2025-13448 | CSSIgniter Shortcodes Plugin up to 2.4.1 on WordPress Shortcode element cross site scripting

Inserito da Angelo Barbosa | Dic 2, 2025 | CVE

A vulnerability described as problematic has been identified in CSSIgniter Shortcodes Plugin up to 2.4.1 on WordPress. Affected is an unknown function of the component Shortcode Handler. The manipulation of the argument element results in cross site scripting.

This vulnerability is known as CVE-2025-13448. It is possible to launch the attack remotely. No exploit is available.

CVE-2025-13448 | CSSIgniter Shortcodes Plugin up to 2.4.1 on WordPress Shortcode element cross site scripting

Post correlati

CVE-2024-0851 | Grup Arge Energy and Control Systems Smartpower up to 24.05.27 sql injection

CVE-2024-6843 | Chatbot with ChatGPT Plugin up to 2.4.4 on WordPress cross site scripting

CVE-2024-52024 | Netgear XR300/R6400/R7000P HTTP POST Request wizpppoe.cgi pppoe_localip stack-based overflow

CVE-2024-11226 | FireCask Like & Share Button Plugin up to 1.2 on WordPress width cross site scripting