CVE-2025-12672 | Flickr Show Plugin up to 1.5 on WordPress Shortcode flickrshow div_height cross site scripting

Inserito da Angelo Barbosa | Nov 10, 2025 | CVE

A vulnerability was found in Flickr Show Plugin up to 1.5 on WordPress. It has been rated as problematic. This affects the function flickrshow of the component Shortcode Handler. The manipulation of the argument div_height leads to cross site scripting.

This vulnerability is documented as CVE-2025-12672. The attack can be initiated remotely. There is not any exploit available.

CVE-2025-12672 | Flickr Show Plugin up to 1.5 on WordPress Shortcode flickrshow div_height cross site scripting

Post correlati

CVE-2024-10279 | ESAFENET CDG 5 PrintPolicyService.java policyId sql injection

CVE-2023-6896 | SourceCodester Simple Image Stack Website 1.0 search cross site scripting

CVE-2025-20200 | Cisco IOS XE up to 17.15.1w CLI unusual condition (cisco-sa-iosxe-privesc-su7scvdp)

CVE-2013-10034 | Kaseya KServer prior 6.3.0.2 uploadImage.asp filename unrestricted upload (EDB-29675)