CVE-2025-54718 | NooTheme Yogi Plugin up to 2.9.2 on WordPress cross site scripting

November 6, 2025 Yanac

A vulnerability was found in NooTheme Yogi Plugin up to 2.9.2 on WordPress and classified as problematic. Affected is an unknown function. The manipulation results in cross site scripting.

This vulnerability is known as CVE-2025-54718. It is possible to launch the attack remotely. No exploit is available.VulDB Recent EntriesRead More

CVE-2025-54737 | NooTheme Jobmonster Plugin up to 4.7.8 on WordPress cross site scripting
CVE-2025-53586 | NooTheme WeMusic Plugin up to 1.9.1 on WordPress deserialization