CVE-2025-13960 | GPXpress Plugin up to 1.3 on WordPress Shortcode gpxpress cross site scripting

Inserito da Angelo Barbosa | Dic 11, 2025 | CVE

A vulnerability categorized as problematic has been discovered in GPXpress Plugin up to 1.3 on WordPress. This impacts the function gpxpress of the component Shortcode Handler. Executing manipulation can lead to cross site scripting.

This vulnerability appears as CVE-2025-13960. The attack may be performed from remote. There is no available exploit.

CVE-2025-13960 | GPXpress Plugin up to 1.3 on WordPress Shortcode gpxpress cross site scripting

Post correlati

CVE-2024-37564 | PayPlus Payment Gateway Plugin up to 7.0.7 on WordPress sql injection

CVE-2024-28672 | DedeCMS 5.7 /dede/media_edit.php cross-site request forgery

CVE-2024-27898 | SAP NetWeaver 7.50 server-side request forgery

CVE-2024-32999 | Huawei HarmonyOS/EMUI OS Security Module logic error