CVE-2025-4963 | WP Extended Plugin up to 3.0.15 on WordPress SVG File Parser cross site scripting

Inserito da Angelo Barbosa | Mag 28, 2025 | CVE

A vulnerability was found in WP Extended Plugin up to 3.0.15 on WordPress. It has been classified as problematic. Affected is an unknown function of the component SVG File Parser. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-4963. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-4963 | WP Extended Plugin up to 3.0.15 on WordPress SVG File Parser cross site scripting

Post correlati

CVE-2023-49184 | WPDeveloper Parallax Slider Block Plugin up to 1.2.4 on WordPress cross site scripting

CVE-2024-7511 | Trimble SketchUp Pro prior 24.0.553 SKP File Parser out-of-bounds (ZDI-24-1057)

CVE-2023-24012 | OpenDDS PKCS7_verify signature verification

CVE-2024-1232 | CM Download Manager Plugin up to 2.9.0 on WordPress cross-site request forgery