CVE-2025-49074 | WidgetKit Plugin up to 2.5.4 on WordPress Widget cross site scripting

Inserito da Angelo Barbosa | Giu 2, 2025 | CVE

A vulnerability, which was classified as problematic, was found in WidgetKit Plugin up to 2.5.4 on WordPress. This affects an unknown part of the component Widget. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-49074. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-49074 | WidgetKit Plugin up to 2.5.4 on WordPress Widget cross site scripting

Post correlati

CVE-2025-5170 | llisoft MTA Maita Training System 4.5 AdminShitiController.java AdminShitiListRequestVo stTypeIds sql injection

CVE-2024-6524 | ShopXO up to 6.1.0 extend/base/Uploader.php source server-side request forgery

CVE-2025-20059 | Ping Identity PingAM Java Policy Agent up to 5.10.3/2023.11.1/2024.9 path traversal

CVE-2024-25942 | Dell PowerEdge Platform prior 1.19.0/2.14.0/2.19.0 SMM Communication input validation (dsa-2024-104)