A vulnerability classified as problematic has been found in Social Media Auto Publish Plugin up to 3.6.5 on WordPress. This impacts an unknown function. Performing manipulation of the argument PostMessage results in cross site scripting.

This vulnerability is cataloged as CVE-2025-12076. It is possible to initiate the attack remotely. There is no exploit available.