CVE-2025-12644 | Nonaki Plugin up to 1.0.11 on WordPress Shortcode nonaki cross site scripting

November 10, 2025 Yanac

A vulnerability has been found in Nonaki Plugin up to 1.0.11 on WordPress and classified as problematic. This impacts the function nonaki of the component Shortcode Handler. This manipulation causes cross site scripting.

This vulnerability is tracked as CVE-2025-12644. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More

CVE-2025-12652 | Ungapped Widgets Plugin on WordPress prefillvalues cross site scripting
CVE-2025-11873 | WP BBCode Plugin up to 1.8.1 on WordPress Shortcode url cross site scripting