CVE-2025-5082 | WP Attachments Plugin up to 5.0.12 on WordPress attachment_id cross site scripting

Inserito da Angelo Barbosa | Mag 27, 2025 | CVE

A vulnerability has been found in WP Attachments Plugin up to 5.0.12 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument attachment_id leads to cross site scripting.

This vulnerability is known as CVE-2025-5082. The attack can be launched remotely. There is no exploit available.

CVE-2025-5082 | WP Attachments Plugin up to 5.0.12 on WordPress attachment_id cross site scripting

Post correlati

CVE-2025-25387 | PHPGurukul Land Record System 1.0 POST Request Parameter manage-propertytype.php propertytype sql injection

CVE-2024-2156 | SourceCodester Best POS Management System 1.0 admin_class.php img sql injection

CVE-2024-33931 | ilGhera JW Player for WordPress Plugin up to 2.3.3 on WordPress authorization

CVE-2024-22437 | HPE MSA SAN Storage VSS Provider and CAPI Proxy Software unquoted search path