CVE-2025-13678 | Thai Lottery Widget Plugin up to 2.5 on WordPress width/height cross site scripting

Inserito da Angelo Barbosa | Dic 5, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in Thai Lottery Widget Plugin up to 2.5 on WordPress. The affected element is an unknown function. Performing manipulation of the argument width/height results in cross site scripting.

This vulnerability is identified as CVE-2025-13678. The attack can be initiated remotely. There is not any exploit available.

CVE-2025-13678 | Thai Lottery Widget Plugin up to 2.5 on WordPress width/height cross site scripting

Post correlati

CVE-2025-3452 | SecuPress Free Plugin up to 2.3.9 on WordPress secupress_reinstall_plugins_admin_ajax_cb authorization

CVE-2024-27314 | Zoho ManageEngine ServiceDesk Plus up to 14729 Custom Actions Menu cross site scripting

CVE-2025-8885 | Bouncy Castle for Java up to 1.77/2.0.0 API Module allocation of resources

CVE-2024-4393 | Social Connect Plugin up to 1.2 on WordPress improper authentication