CVE-2025-5285 | Product Subtitle for WooCommerce Plugin up to 1.3.9 on WordPress htmlTag cross site scripting

Inserito da Angelo Barbosa | Mag 30, 2025 | CVE

A vulnerability was found in Product Subtitle for WooCommerce Plugin up to 1.3.9 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation of the argument htmlTag leads to cross site scripting.

This vulnerability was named CVE-2025-5285. The attack can be initiated remotely. There is no exploit available.

CVE-2025-5285 | Product Subtitle for WooCommerce Plugin up to 1.3.9 on WordPress htmlTag cross site scripting

Post correlati

CVE-2024-45620 | libopensc pkcs15init buffer size

CVE-2023-6805 | Feedzy RSS Aggregator Plugin up to 4.4.7 on WordPress server-side request forgery

CVE-2024-37899 | xwiki-platform up to 13.5/14.10.20/15.5.4/15.10.5/16.0.0 User Profile code injection

CVE-2024-2229 | Schneider Electric EcoStruxure Power Design Project File deserialization (icsa-24-072-01)