CVE-2025-13367 | User Registration & Membership Plugin up to 4.4.6 on WordPress Shortcode cross site scripting

Inserito da Angelo Barbosa | Dic 15, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in User Registration & Membership Plugin up to 4.4.6 on WordPress. This vulnerability affects unknown code of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-13367. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-13367 | User Registration & Membership Plugin up to 4.4.6 on WordPress Shortcode cross site scripting

Post correlati

CVE-2023-50823 | Wipeout Media CSS & JavaScript Toolbox Plugin up to 11.7 on WordPress cross site scripting

CVE-2024-24870 | Michael Dempfle Advanced iFrame Plugin up to 2023.10 on WordPress cross site scripting

CVE-2025-11418 | Tenda CH22 up to 1.0.0.1 HTTP Request /goform/AdvSetWrlsafeset formWrlsafeset mit_ssid_index stack-based overflow

CVE-2024-7920 | Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805 GetParkInThroughDeivces access control