CVE-2025-13728 | FluentAuth Plugin up to 2.0.3 on WordPress Shortcode fluent_auth_reset_password cross site scripting

Inserito da Angelo Barbosa | Dic 15, 2025 | CVE

A vulnerability was found in FluentAuth Plugin up to 2.0.3 on WordPress and classified as problematic. The affected element is the function fluent_auth_reset_password of the component Shortcode Handler. Such manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-13728. The attack can be launched remotely. No exploit exists.

CVE-2025-13728 | FluentAuth Plugin up to 2.0.3 on WordPress Shortcode fluent_auth_reset_password cross site scripting

Post correlati

CVE-2025-12061 | Tax Service Electronic HDM Plugin up to 1.2.0 on WordPress cross-site request forgery

CVE-2024-21845 | OpenHarmony up to 3.2.4/4.0.0 integer overflow

CVE-2024-45426 | Zoom Workplace App up to 6.0.x improper ownership management (ZSB-24038)

CVE-2025-1575 | Harpia DiagSystem 12 atualatendimento_jpeg.php cod/codexame resource injection