CVE-2025-12670 | wp-twitpic Plugin up to 1.0 on WordPress Shortcode cross site scripting

Inserito da Angelo Barbosa | Nov 26, 2025 | CVE

A vulnerability described as problematic has been identified in wp-twitpic Plugin up to 1.0 on WordPress. The impacted element is the function twitpic of the component Shortcode Handler. Executing manipulation can lead to cross site scripting.

The identification of this vulnerability is CVE-2025-12670. The attack may be launched remotely. There is no exploit available.

CVE-2025-12670 | wp-twitpic Plugin up to 1.0 on WordPress Shortcode cross site scripting

Post correlati

CVE-2024-42452 | Veeam Backup & Replication up to 12.2 unrestricted upload (kb4693)

CVE-2023-29120 | Enel X JuiceBox Pro 3.0 22kW Cellular up to 2.1.1.0_JB3VU096A os command injection

CVE-2023-31030 | NVIDIA DGX A100 prior 00.22.05 Host KVM Daemon stack-based overflow

CVE-2023-50424 | SAP cloud-security-client-go up to 0.16.x authorization