CVE-2025-10181 | Draft List Plugin up to 2.6 on WordPress Shortcode drafts cross site scripting

Inserito da Angelo Barbosa | Set 19, 2025 | CVE

A vulnerability described as problematic has been identified in Draft List Plugin up to 2.6 on WordPress. This vulnerability affects the function drafts of the component Shortcode Handler. Such manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-10181. The attack may be launched remotely. There is no exploit available.

CVE-2025-10181 | Draft List Plugin up to 2.6 on WordPress Shortcode drafts cross site scripting

Post correlati

CVE-2024-7854 | Woo Inquiry Plugin up to 0.1 on WordPress sql injection

CVE-2024-29129 | WPLIT OxyExtras Plugin up to 1.4.4 on WordPress cross site scripting

CVE-2024-3093 | khl32 Font Farsi Plugin up to 1.6.6 on WordPress Setting cross site scripting

CVE-2025-20059 | Ping Identity PingAM Java Policy Agent up to 5.10.3/2023.11.1/2024.9 path traversal