CVE-2025-13746 | ForumWP Plugin up to 2.1.6 on WordPress Display Name cross site scripting

Inserito da Angelo Barbosa | Gen 5, 2026 | CVE

A vulnerability was found in ForumWP Plugin up to 2.1.6 on WordPress. It has been declared as problematic. This vulnerability affects unknown code of the component Display Name Handler. Executing a manipulation can lead to cross site scripting.

This vulnerability is tracked as CVE-2025-13746. The attack can be launched remotely. No exploit exists.

CVE-2025-13746 | ForumWP Plugin up to 2.1.6 on WordPress Display Name cross site scripting

Post correlati

CVE-2024-45806 | Envoy up to 1.28.6/1.29.4/1.30.0 internal_address_config authorization (GHSA-ffhv-fvxq-r6mf)

CVE-2023-47856 | LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623 Realtek rtl819x Jungle SDK set_RadvdPrefixParam stack-based overflow (TALOS-2023-1892)

CVE-2025-10552 | Dassault Systèmes 3DSwymer cross site scripting

CVE-2023-38023 | Scontain SCONE up to 5.7.x on Intel SGX __scone_dispatch improper authorization (GHSA-v3vm-9h66-wm76)