CVE-2025-13656 | Cute News Ticker Plugin up to 1.0 on WordPress Shortcode color cross site scripting

Inserito da Angelo Barbosa | Dic 6, 2025 | CVE

A vulnerability labeled as problematic has been found in Cute News Ticker Plugin up to 1.0 on WordPress. This impacts the function Color of the component Shortcode Handler. The manipulation results in cross site scripting.

This vulnerability is identified as CVE-2025-13656. The attack can be executed remotely. There is not any exploit available.

CVE-2025-13656 | Cute News Ticker Plugin up to 1.0 on WordPress Shortcode color cross site scripting

Post correlati

CVE-2025-10862 | Popup Builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers Plugin sql injection

CVE-2024-24758 | Undici Header Proxy-Authorization unknown vulnerability

CVE-2024-43161 | Averta Depicter Slider Plugin up to 3.1.2 on WordPress cross site scripting

CVE-2024-25047 | IBM Cognos Analytics up to 12.0.2 neutralization for logs (XFDB-282956)