CVE-2025-10191 | Big Post Shipping for WooCommerce Plugin up to 2.1.1 on WordPress Shortcode wooboigpost_shipping_status cross site scripting

Inserito da Angelo Barbosa | Set 29, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in Big Post Shipping for WooCommerce Plugin up to 2.1.1 on WordPress. This vulnerability affects the function wooboigpost_shipping_status of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is referenced as CVE-2025-10191. Remote exploitation of the attack is possible. No exploit is available.

CVE-2025-10191 | Big Post Shipping for WooCommerce Plugin up to 2.1.1 on WordPress Shortcode wooboigpost_shipping_status cross site scripting

Post correlati

CVE-2025-41095 | Global Planning Solutions BOLD Workplanner up to 2.5.24 authorization

CVE-2024-40524 | xmind2testcase 1.5 webtoolapplication.py path traversal

CVE-2024-7319 | Red Hat OpenStack Platform 13/16.1/16.2/17.0 on CVE openstack-heat information disclosure

CVE-2024-9225 | SEOPress Plugin up to 8.1.1 on WordPress cross site scripting