CVE-2025-6988 | Kallyas Plugin up to 4.23.0 on WordPress Shortcode cross site scripting

October 31, 2025 Yanac

A vulnerability was found in Kallyas Plugin up to 4.23.0 on WordPress. It has been declared as problematic. This affects an unknown part of the component Shortcode Handler. The manipulation results in cross site scripting.

This vulnerability is reported as CVE-2025-6988. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More

CVE-2025-62875 | OpenSMTPD 7.7.0 Unix Domain Socket smtpd.sock memory leak
CVE-2025-12137 | Import WP Plugin up to 2.14.16 on WordPress REST API Endpoint attach_file local_url path traversal