CVE-2025-7726 | Dream-Theme The7 Plugin up to 12.6.0 on WordPress jQuery.attr title/data-dt-img-description cross site scripting

Inserito da Angelo Barbosa | Ago 9, 2025 | CVE

A vulnerability classified as problematic has been found in Dream-Theme The7 Plugin up to 12.6.0 on WordPress. This affects the function jQuery.attr. The manipulation of the argument title/data-dt-img-description leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-7726. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-7726 | Dream-Theme The7 Plugin up to 12.6.0 on WordPress jQuery.attr title/data-dt-img-description cross site scripting

Post correlati

CVE-2025-0294 | SourceCodester Home Clean Services Management System 1.0 process.php type/length/business sql injection

CVE-2025-6206 | Aiomatic Plugin up to 2.5.0 on WordPress aiomatic_image_editor_ajax_submit unrestricted upload

CVE-2024-26785 | Linux Kernel up to 6.7.8 iommufd_access_change_ioas memory corruption (fc719ecbca45/cf7c2789822d)

CVE-2025-0487 | Fanli2012 native-php-cms 1.0 /fladmin/cat_edit.php id sql injection