CVE-2025-13884 | Hide Email Address Plugin up to 0.1 on WordPress Shortcode bg-hide-email-address inline_css cross site scripting

Inserito da Angelo Barbosa | Dic 11, 2025 | CVE

A vulnerability identified as problematic has been detected in Hide Email Address Plugin up to 0.1 on WordPress. Affected is the function bg-hide-email-address of the component Shortcode Handler. The manipulation of the argument inline_css leads to cross site scripting.

This vulnerability is traded as CVE-2025-13884. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-13884 | Hide Email Address Plugin up to 0.1 on WordPress Shortcode bg-hide-email-address inline_css cross site scripting

Post correlati

CVE-2025-49516 | Moodle Badges Backpack Management cross-site request forgery

CVE-2024-7217 | TOTOLINK CA300-PoE 6.2c.884 /cgi-bin/cstecgi.cgi loginauth password buffer overflow

CVE-2024-53066 | Linux Kernel up to 6.11.7 nfs decode_getfattr_attrs initialization

CVE-2025-13513 | Clik Stats Plugin up to 0.8 on WordPress $_SERVER[‘PHP_SELF’] cross site scripting