CVE-2025-1491 | teastudiopl WP Posts Carousel Plugin up to 1.3.7 on WordPress auto_play_timeout cross site scripting

Posted by Angelo Barbosa | Mar 1, 2025 | CVE

A vulnerability was found in teastudiopl WP Posts Carousel Plugin up to 1.3.7 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument auto_play_timeout leads to cross site scripting.

This vulnerability is known as CVE-2025-1491. The attack can be launched remotely. There is no exploit available.

CVE-2025-1491 | teastudiopl WP Posts Carousel Plugin up to 1.3.7 on WordPress auto_play_timeout cross site scripting

Related Posts

CVE-2024-0976 | WP Event Manager Plugin up to 3.1.41 on WordPress cross site scripting

CVE-2024-56004 | Alex W Fowler Easy Site Importer Plugin up to 1.0.1 on WordPress authorization

CVE-2024-5919 | Palo Alto Networks Cloud NGFW/PAN-OS/Prisma Access Firewall Management Interface xml external entity reference

CVE-2024-56650 | Linux Kernel up to 6.12.4 led_tg_check out-of-bounds