CVE-2025-12717 | List Attachments Shortcode Plugin up to 0.4.1a on WordPress before_list cross site scripting

A vulnerability was found in List Attachments Shortcode Plugin up to 0.4.1a on WordPress. It has been declared as problematic. Impacted is an unknown function of the component Shortcode Handler. Such manipulation of the argument before_list leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-12717. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More