CVE-2025-13048 | StatCounter Plugin up to 2.1.0 on WordPress Nickname cross site scripting

Inserito da Angelo Barbosa | Feb 18, 2026 | CVE

A vulnerability, which was classified as problematic, was found in StatCounter Plugin up to 2.1.0 on WordPress. The affected element is an unknown function. The manipulation of the argument Nickname results in cross site scripting.

This vulnerability is reported as CVE-2025-13048. The attack can be launched remotely. No exploit exists.

CVE-2025-13048 | StatCounter Plugin up to 2.1.0 on WordPress Nickname cross site scripting

Post correlati

CVE-2024-38145 | Microsoft unknown vulnerability

CVE-2025-10253 | openDCIM 23.04 SVG File /scripts/uploadifive.php Filedata cross site scripting

CVE-2024-34142 | Adobe Experience Manager up to 6.5.20 cross site scripting (apsb24-28)

CVE-2025-46206 | Artifex mupdf 1.25.5/1.25.6 mutool clean utility /Next strip_outline recursion