CVE-2025-14039 | Simple Folio Plugin up to 1.1.1 on WordPress _simple_folio_item_client_name Client name/Link cross site scripting

Inserito da Angelo Barbosa | Gen 27, 2026 | CVE

A vulnerability, which was classified as problematic, was found in Simple Folio Plugin up to 1.1.1 on WordPress. This affects the function _simple_folio_item_client_name. Executing a manipulation of the argument Client name/Link can lead to cross site scripting.

The identification of this vulnerability is CVE-2025-14039. The attack may be launched remotely. There is no exploit available.

CVE-2025-14039 | Simple Folio Plugin up to 1.1.1 on WordPress _simple_folio_item_client_name Client name/Link cross site scripting

Post correlati

CVE-2024-7787 | ITG Computer Technology vSRM Supplier Relationship Management System prior 28.08.2024 cross site scripting

CVE-2025-12155 | Google Looker up to 25.10.21 command injection (gcp-2025-052)

CVE-2024-32804 | Martin Gibson WP GoToWebinar Plugin up to 14.46 on WordPress authorization

CVE-2024-43395 | MCJack123 craftos2 up to 2.8.2 on Windows path traversal