CVE-2025-7653 | EPay Payments Plugin up to 0.1 on WordPress Shortcode epay cross site scripting

Inserito da Angelo Barbosa | Lug 18, 2025 | CVE

A vulnerability, which was classified as problematic, was found in EPay Payments Plugin up to 0.1 on WordPress. Affected is the function epay of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-7653. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-7653 | EPay Payments Plugin up to 0.1 on WordPress Shortcode epay cross site scripting

Post correlati

CVE-2024-45258 | req Package up to 3.43.3 on Go URL cleanHost missing initialization

CVE-2024-5745 | itsourcecode Bakery Online Ordering System 1.0 controller.php image unrestricted upload

CVE-2024-8404 | PaperCut NG/MF up to 23.0.8 on Windows Web Print link following

CVE-2025-40913 | ATRODO Net::Dropbear up to 0.16 on Perl libtommath vulnerable third-party component (GHSA-j3xv-6967-cv88)