CVE-2025-4168 | Subpage List Plugin up to 1.3.3 on WordPress Shortcode subpages cross site scripting

Inserito da Angelo Barbosa | Mag 2, 2025 | CVE

A vulnerability was found in Subpage List Plugin up to 1.3.3 on WordPress. It has been declared as problematic. This vulnerability affects the function subpages of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2025-4168. The attack can be initiated remotely. There is no exploit available.

CVE-2025-4168 | Subpage List Plugin up to 1.3.3 on WordPress Shortcode subpages cross site scripting

Post correlati

CVE-2024-54500 | Apple visionOS Image memory corruption

CVE-2024-6545 | Admin Trim Interface Plugin up to 3.5.1 on WordPress information disclosure

CVE-2025-2034 | PHPGurukul Pre-School Enrollment System 1.0 edit-class.php?cid=1 classname sql injection

CVE-2024-41826 | JetBrains TeamCity up to 2024.03.3 Show Connection Page cross site scripting