CVE-2025-11857 | mxp XX2WP Integration Tools Plugin up to 1.9.9 on WordPress Shortcode mxp_fb2wp_display_embed post_id cross site scripting

A vulnerability was found in mxp XX2WP Integration Tools Plugin up to 1.9.9 on WordPress. It has been declared as problematic. Affected by this issue is the function mxp_fb2wp_display_embed of the component Shortcode Handler. Executing manipulation of the argument post_id can lead to cross site scripting.

This vulnerability appears as CVE-2025-11857. The attack may be performed from remote. There is no available exploit.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More