CVE-2025-6944 | Uncode Core Plugin up to 2.9.4.2 on WordPress Shortcode uncode_hl_text cross site scripting

A vulnerability was found in Uncode Core Plugin up to 2.9.4.2 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function uncode_hl_text of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2025-6944. The attack can be launched remotely. There is no exploit available.VulDB Recent EntriesRead More