CVE-2025-7649 | Surbma Plugin up to 2.0 on WordPress Shortcode recent-comments cross site scripting

A vulnerability has been found in Surbma Plugin up to 2.0 on WordPress and classified as problematic. Affected by this vulnerability is the function recent-comments of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2025-7649. The attack can be launched remotely. There is no exploit available.VulDB Recent EntriesRead More