CVE-2025-3488 | WPML Multilingual CMS Plugin up to 4.7.3 on WordPress Shortcode wpml_language_switcher cross site scripting

Inserito da Angelo Barbosa | Mag 1, 2025 | CVE

A vulnerability was found in WPML Multilingual CMS Plugin up to 4.7.3 on WordPress. It has been rated as problematic. This issue affects the function wpml_language_switcher of the component Shortcode Handler. The manipulation leads to cross site scripting.

The identification of this vulnerability is CVE-2025-3488. The attack may be initiated remotely. There is no exploit available.

CVE-2025-3488 | WPML Multilingual CMS Plugin up to 4.7.3 on WordPress Shortcode wpml_language_switcher cross site scripting

Post correlati

CVE-2024-39607 | ELECOM WRC-X6000XS-G/WRC-X1500GS-B/WRC-X1500GSA-B up to 1.11 os command injection

CVE-2024-42028 | Ubiquiti UniFi Network Application up to 8.4.62 Local Privilege Escalation

CVE-2024-5460 | Brocade Fabric OS up to 8.x SNMP hard-coded credentials

CVE-2024-9049 | Beaver Builder Plugin up to 2.8.3.6 on WordPress Button Group Module cross site scripting