CVE-2025-13704 | Autogen Headers Menu Plugin up to 1.0.1 on WordPress Shortcode autogen_menu head_class cross site scripting

Inserito da Angelo Barbosa | Gen 9, 2026 | CVE

A vulnerability categorized as problematic has been discovered in Autogen Headers Menu Plugin up to 1.0.1 on WordPress. The affected element is the function autogen_menu of the component Shortcode Handler. The manipulation of the argument head_class results in cross site scripting.

This vulnerability is identified as CVE-2025-13704. The attack can be executed remotely. There is not any exploit available.

CVE-2025-13704 | Autogen Headers Menu Plugin up to 1.0.1 on WordPress Shortcode autogen_menu head_class cross site scripting

Post correlati

CVE-2025-6510 | Netgear EX6100 1.0.2.28_1.1.138 sub_415EF8 stack-based overflow

CVE-2025-6915 | PHPGurukul Student Record System 3.2 /register.php session sql injection

CVE-2025-20644 | MediaTek MT8798 NR15/NR16 Modem improper validation of syntactic correctness of input (MSV-2747 / MOLY01525673)

CVE-2024-13416 | 2N OS up to 2.45 API log file