CVE-2025-12379 | Shortcodes and Extra Features for Phlox Theme Plugin Modern Heading Widget cross site scripting

Inserito da Angelo Barbosa | Gen 10, 2026 | CVE

A vulnerability categorized as problematic has been discovered in Shortcodes and Extra Features for Phlox Theme Plugin up to 2.17.13 on WordPress. This issue affects some unknown processing of the component Modern Heading Widget. Executing a manipulation of the argument tag/title_tag can lead to cross site scripting.

This vulnerability is tracked as CVE-2025-12379. The attack can be launched remotely. No exploit exists.

CVE-2025-12379 | Shortcodes and Extra Features for Phlox Theme Plugin Modern Heading Widget cross site scripting

Post correlati

CVE-2024-10195 | Tecno 4G Portable WiFi TR118 V008-20220830 SMS Check goform_get_cmd_process order_by sql injection

CVE-2025-9514 | macrozheng mall up to 1.0.3 Registration weak password (Issue 923)

CVE-2024-35511 | PHPGurukul Men Salon Management System 2.0 /msms/admin/index.php username sql injection

CVE-2024-41692 | SyroTech SY-GPON-1110-WDONT 3.1.02-231102 Serial Interface unknown vulnerability (CIVN-2024-0225)