CVE-2025-13141 | HT Mega Plugin up to 3.0.0 on WordPress tag_escape cross site scripting

November 21, 2025 Yanac

A vulnerability was found in HT Mega Plugin up to 3.0.0 on WordPress and classified as problematic. This affects the function tag_escape. Such manipulation leads to cross site scripting.

This vulnerability is documented as CVE-2025-13141. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More

CVE-2025-11885 | EchBay Admin Security Plugin up to 1.3.0 on WordPress _ebnonce cross site scripting
CVE-2025-11764 | Shortcodes Bootstrap Plugin up to 1.1 on WordPress Type cross site scripting