CVE-2025-4168 | Subpage List Plugin up to 1.3.3 on WordPress Shortcode subpages cross site scripting

Inserito da Angelo Barbosa | Mag 2, 2025 | CVE

A vulnerability was found in Subpage List Plugin up to 1.3.3 on WordPress. It has been declared as problematic. This vulnerability affects the function subpages of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2025-4168. The attack can be initiated remotely. There is no exploit available.

CVE-2025-4168 | Subpage List Plugin up to 1.3.3 on WordPress Shortcode subpages cross site scripting

Post correlati

CVE-2024-0870 | YITH WooCommerce Gift Cards Plugin up to 4.12.0 on WordPress Setting authorization

CVE-2024-34459 | xmllint up to 2.11.7/2.12.6 Error Message xmllint.c xmlHTMLPrintFileContext buffer overflow

CVE-2023-46265 | Ivanti Avalanche 6.4.1 server-side request forgery

CVE-2025-24827 | Acronis Cyber Protect Cloud Agent 36943/37758/38235/38565/39185 untrusted search path