CVE-2025-13967 | Woodpecker Plugin up to 3.0.4 on WordPress Shortcode form_name cross site scripting

Inserito da Angelo Barbosa | Gen 9, 2026 | CVE

A vulnerability labeled as problematic has been found in Woodpecker Plugin up to 3.0.4 on WordPress. This affects an unknown function of the component Shortcode Handler. Such manipulation of the argument form_name leads to cross site scripting.

This vulnerability is listed as CVE-2025-13967. The attack may be performed from remote. There is no available exploit.

CVE-2025-13967 | Woodpecker Plugin up to 3.0.4 on WordPress Shortcode form_name cross site scripting

Post correlati

CVE-2024-28576 | FreeImage 3.19.0 r1909 J2K Image opj_j2k_tcp_destroy buffer overflow

CVE-2024-13833 | awordpresslife Album Gallery Plugin up to 1.6.3 on WordPress deserialization

CVE-2022-50425 | Linux Kernel up to 6.0.6 copy_xstate_to_uabi null pointer dereference

CVE-2025-31987 | HCL Connections Docs 2.0.2 amplification (KB0123272)