CVE-2025-7966 | Get Youtube Subs Plugin up to 3.5 on WordPress subscribe_link_att cross site scripting

July 23, 2025 Yanac

A vulnerability was found in Get Youtube Subs Plugin up to 3.5 on WordPress. It has been declared as problematic. This vulnerability affects the function subscribe_link_att. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2025-7966. The attack can be initiated remotely. There is no exploit available.VulDB Recent EntriesRead More

CVE-2025-5084 | Post Grid Master Plugin up to 3.4.13 on WordPress argsArray[‘read_more_text’] cross site scripting
CVE-2025-6380 | OnlyOffice Docs Plugin up to 2.2.0 on WordPress REST Endpoint oo.callback authorization