CVE-2025-12885 | Embed Any Document Plugin up to 2.7.10 on WordPress sanitize_pdf_src cross site scripting

Inserito da Angelo Barbosa | Dic 17, 2025 | CVE

A vulnerability classified as problematic has been found in Embed Any Document Plugin up to 2.7.10 on WordPress. Impacted is the function sanitize_pdf_src. This manipulation causes cross site scripting.

The identification of this vulnerability is CVE-2025-12885. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-12885 | Embed Any Document Plugin up to 2.7.10 on WordPress sanitize_pdf_src cross site scripting

Post correlati

CVE-2024-34405 | McAfee Security Antivirus VPN up to 8.2.x on Android URL unknown vulnerability

CVE-2024-22104 | Mitsubishi Electric CPU Module Logging Configuration Tool out-of-bounds write (icsa-24-135-04)

CVE-2024-33616 | Sharp/Toshiba Tec MFP Telnet improper authentication

CVE-2022-48832 | Linux Kernel up to 5.16.9 audit_match_perm memory corruption (310c9ddfdf1f/7a82f89de92a)