CVE-2025-14506 | ConvertForce Popup Builder Plugin up to 0.0.7 on WordPress Gutenberg Block entrance_animation cross site scripting

Inserito da Angelo Barbosa | Gen 10, 2026 | CVE

A vulnerability was found in ConvertForce Popup Builder Plugin up to 0.0.7 on WordPress. It has been declared as problematic. This affects the function entrance_animation of the component Gutenberg Block Handler. Such manipulation leads to cross site scripting.

This vulnerability is referenced as CVE-2025-14506. It is possible to launch the attack remotely. No exploit is available.

CVE-2025-14506 | ConvertForce Popup Builder Plugin up to 0.0.7 on WordPress Gutenberg Block entrance_animation cross site scripting

Post correlati

CVE-2023-49245 | Huawei HarmonyOS/EMUI Share Module access control

CVE-2025-13642 | ProfilePress Plugin up to 4.16.7 on WordPress Shortcode Type privilege escalation

CVE-2024-44956 | Linux Kernel up to 6.10.4 preempt_fence_work_func deadlock (458bb83119df/3cd1585e5790)

CVE-2024-3912 | ASUS DSL-AC55 Firmware unrestricted upload