CVE-2025-11806 | Qzzr Shortcode Plugin up to 1.0.1 on WordPress qzzr cross site scripting

Inserito da Angelo Barbosa | Ott 30, 2025 | CVE

A vulnerability was found in Qzzr Shortcode Plugin up to 1.0.1 on WordPress. It has been classified as problematic. This issue affects the function qzzr of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-11806. The attack is possible to be carried out remotely. No exploit exists.

CVE-2025-11806 | Qzzr Shortcode Plugin up to 1.0.1 on WordPress qzzr cross site scripting

Post correlati

CVE-2025-35062 | Newforma Project Center prior 2023.1 default permission

CVE-2025-60961 | EndRun Sonoma D12 Network Time Server 6010-0071-000 Ver 4.00 cross site scripting

CVE-2023-40716 | Fortinet FortiTester up to 7.2.3 Restore/Backup os command injection (FG-IR-22-345)

LOYTEC LINX-212/LVIS-3ME12-A1/LIOB-586 Web User Interface cleartext transmission