CVE-2025-4776 | Phlox Plugin up to 2.17.7 on WordPress HTML Attribute data-caption HTML injection

Inserito da Angelo Barbosa | Gen 5, 2026 | CVE

A vulnerability marked as problematic has been reported in Phlox Plugin up to 2.17.7 on WordPress. This vulnerability affects unknown code of the component HTML Attribute Handler. This manipulation of the argument data-caption causes HTML injection.

This vulnerability is registered as CVE-2025-4776. Remote exploitation of the attack is possible. No exploit is available.

CVE-2025-4776 | Phlox Plugin up to 2.17.7 on WordPress HTML Attribute data-caption HTML injection

Post correlati

CVE-2024-35283 | Mitel MiContact Center Business up to 10.0.0.4 Ignite cross site scripting

CVE-2024-20388 | Cisco Firepower Management Center up to 7.4.1.1 cross site scripting (cisco-sa-fmc-xss-infodisc-RL4mJFer)

CVE-2024-50353 | IowaComputerGurus aspnetcore.utilities.cloudstorage up to 7.x access control

CVE-2021-47472 | Linux Kernel up to 5.14.15 mdiobus lib/kasprintf.c __mdiobus_register memory leak