CVE-2025-12448 | Smartsupp Plugin up to 3.9.1 on WordPress code cross site scripting

Inserito da Angelo Barbosa | Feb 18, 2026 | CVE

A vulnerability classified as problematic was found in Smartsupp Plugin up to 3.9.1 on WordPress. This issue affects some unknown processing. Executing a manipulation of the argument code can lead to cross site scripting.

This vulnerability is registered as CVE-2025-12448. It is possible to launch the attack remotely. No exploit is available.

CVE-2025-12448 | Smartsupp Plugin up to 3.9.1 on WordPress code cross site scripting

Post correlati

CVE-2025-4054 | Relevanssi Plugin up to 4.24.3 on WordPress Search Result highlights cross site scripting

CVE-2024-55886 | opensearch-project data-prepper 2.10.0/2.10.1 getHttpAuthenticationService improper authentication (GHSA-725p-63vv-v948)

CVE-2024-12005 | WP-BibTeX Plugin up to 3.0.1 on WordPress cross-site request forgery

CVE-2024-2223 | Bitdefender GravityZone Control Center/Endpoint Security Update Server incorrect regex