CVE-2025-8615 | CubeWP Plugin up to 1.1.26 on WordPress Shortcode cubewp_shortcode_taxonomy cross site scripting

Inserito da Angelo Barbosa | Gen 16, 2026 | CVE

A vulnerability was found in CubeWP Plugin up to 1.1.26 on WordPress. It has been classified as problematic. The impacted element is the function cubewp_shortcode_taxonomy of the component Shortcode Handler. This manipulation causes cross site scripting.

The identification of this vulnerability is CVE-2025-8615. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-8615 | CubeWP Plugin up to 1.1.26 on WordPress Shortcode cubewp_shortcode_taxonomy cross site scripting

Post correlati

CVE-2024-0526 | CXBSoft Url-shorting up to 1.3.1 HTTP POST Request /pages/short_to_long.php shorturl sql injection

CVE-2024-45761 | Dell OpenManage Server Administrator up to 11.0.1.0 input validation (dsa-2024-481)

CVE-2025-13290 | code-projects Simple Food Ordering System 1.0 /saveorder.php ID sql injection

CVE-2024-11132 | imithemes Eventer Plugin up to 3.9.9 on WordPress Shortcode cross site scripting