CVE-2025-69302 | DesignThemes Core Features Plugin up to 2.3 on WordPress cross site scripting

Inserito da Angelo Barbosa | Feb 2, 2026 | CVE

A vulnerability labeled as problematic has been found in DesignThemes Core Features Plugin up to 2.3 on WordPress. This affects an unknown function. Executing a manipulation can lead to cross site scripting.

This vulnerability is registered as CVE-2025-69302. It is possible to launch the attack remotely. No exploit is available.

CVE-2025-69302 | DesignThemes Core Features Plugin up to 2.3 on WordPress cross site scripting

Post correlati

CVE-2023-6633 | Site Notes Plugin up to 2.0.0 on WordPress Admin Note cross-site request forgery

CVE-2025-66288 | Parallels Toolbox CleanDrive link following (ZDI-25-1015)

CVE-2025-13553 | D-Link DWR-M920 1.1.50 formPinManageSetup sub_41C7FC submit-url buffer overflow

CVE-2025-1370 | MicroWorld eScan Antivirus 7.0.32 on Linux Autoscan USB epsdaemon sprintf os command injection