CVE-2025-12583 | Simple Downloads List Plugin up to 1.4.3 on WordPress AJAX Endpoint wp_ajax_neofix_sdl_edit cross site scripting

Inserito da Angelo Barbosa | Nov 7, 2025 | CVE

A vulnerability labeled as problematic has been found in Simple Downloads List Plugin up to 1.4.3 on WordPress. This issue affects the function wp_ajax_neofix_sdl_edit of the component AJAX Endpoint. Such manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-12583. The attack may be launched remotely. There is no exploit available.

CVE-2025-12583 | Simple Downloads List Plugin up to 1.4.3 on WordPress AJAX Endpoint wp_ajax_neofix_sdl_edit cross site scripting

Post correlati

CVE-2023-52629 | Linux Kernel up to 2.6.20/6.5.3 push-switch flush_work use after free (610dbd8ac271/246f80a0b17f)

CVE-2025-9158 | Best Practical Request Tracker up to 5.0.8/6.0.1 Calendar Invitation Parser cross site scripting (EUVD-2025-35802)

CVE-2024-8828 | PDF-XChange Editor EMF File Parser out-of-bounds (ZDI-24-1251)

CVE-2024-33787 | Hengan Weighing Management Information Query Platform 2019-2021 53.25 search_user.aspx tuser_Number sql injection