A vulnerability, which was classified as problematic, has been found in flexmls Flexmls IDX Plugin up to 3.14.28 on WordPress. Affected by this issue is the function
idx_frame
of the component Shortcode Handler. The manipulation leads to cross site scripting.
This vulnerability is handled as CVE-2025-0863. The attack may be launched remotely. There is no exploit available.