CVE-2025-1794 | johanaarstein AM LottiePlayer Plugin up to 3.6.0 on WordPress SVG File Parser cross site scripting

Inserito da Angelo Barbosa | Apr 8, 2026 | CVE

A vulnerability identified as problematic has been detected in johanaarstein AM LottiePlayer Plugin up to 3.6.0 on WordPress. This vulnerability affects unknown code of the component SVG File Parser. This manipulation causes cross site scripting.

The identification of this vulnerability is CVE-2025-1794. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-1794 | johanaarstein AM LottiePlayer Plugin up to 3.6.0 on WordPress SVG File Parser cross site scripting

Post correlati

CVE-2024-27820 | Apple iOS/iPadOS Web Contents memory corruption

CVE-2024-11936 | MVPThemes Zox News Plugin up to 3.16.0 on WordPress backup_options/restore_options authorization

CVE-2025-58359 | ZcashFoundation frost up to 2.1.x refresh missing cryptographic step (GHSA-wgq8-vr6r-mqxm)

CVE-2024-38269 | Zyxel VMG8825-T50K up to 5.50(ABOM.8)C0 USB File-Sharing handler memory corruption