CVE-2025-11804 | JB News Ticker Plugin up to 1.0 on WordPress Shortcode jbticker ID cross site scripting

October 22, 2025 Yanac

A vulnerability was found in JB News Ticker Plugin up to 1.0 on WordPress. It has been rated as problematic. The impacted element is the function jbticker of the component Shortcode Handler. Performing manipulation of the argument ID results in cross site scripting.

This vulnerability is cataloged as CVE-2025-11804. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More