CVE-2025-14552 | MediaPress Plugin up to 1.6.1 on WordPress Shortcode mpp-uploader cross site scripting

Inserito da Angelo Barbosa | Gen 6, 2026 | CVE

A vulnerability, which was classified as problematic, was found in MediaPress Plugin up to 1.6.1 on WordPress. Affected by this issue is the function mpp-uploader of the component Shortcode Handler. Executing a manipulation can lead to cross site scripting.

This vulnerability is registered as CVE-2025-14552. It is possible to launch the attack remotely. No exploit is available.

CVE-2025-14552 | MediaPress Plugin up to 1.6.1 on WordPress Shortcode mpp-uploader cross site scripting

Post correlati

CVE-2024-3145 | DedeCMS 5.7 makehtml_js_action.php cross-site request forgery

CVE-2024-34525 | vastsa FileCodeBox 2.0 ENV File cleartext storage in a file or on disk (Issue 133)

CVE-2024-10892 | Cost Calculator Builder Plugin up to 3.2.42 on WordPress cross-site request forgery

CVE-2024-50209 | Linux Kernel up to 5.15.169/6.1.114/6.6.58/6.11.5 bnxt_re __alloc_pbl allocation of resources