CVE-2025-12660 | Padlet Shortcode Plugin up to 1.3 on WordPress wallwisher key cross site scripting

A vulnerability has been found in Padlet Shortcode Plugin up to 1.3 on WordPress and classified as problematic. This issue affects the function wallwisher of the component Shortcode Handler. The manipulation of the argument key leads to cross site scripting.

This vulnerability is documented as CVE-2025-12660. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More