CVE-2025-4055 | Multiple Post Type Order Plugin up to 1.10.0 on WordPress Shortcode mpto cross site scripting

Inserito da Angelo Barbosa | Mag 6, 2025 | CVE

A vulnerability classified as problematic has been found in Multiple Post Type Order Plugin up to 1.10.0 on WordPress. Affected is the function mpto of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-4055. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-4055 | Multiple Post Type Order Plugin up to 1.10.0 on WordPress Shortcode mpto cross site scripting

Post correlati

CVE-2024-32147 | Form Plugin Easy Contact Form Lite Plugin up to 1.1.23 on WordPress cross site scripting

CVE-2025-22145 | CarbonPHP carbon up to 2.72.5/3.8.3 Carbon::setLocale filename control

CVE-2023-4932 | SAS Integration Technologies up to 9.4_M8 URL /SASStoredProcess/do _program cross site scripting

CVE-2023-50457 | Zammad up to 6.1.x Ticket Listing permission