CVE-2025-13856 | Extra Post Images Plugin up to 1.0 on WordPress Shortcode ID cross site scripting

A vulnerability described as problematic has been identified in Extra Post Images Plugin up to 1.0 on WordPress. Affected by this vulnerability is an unknown functionality of the component Shortcode Handler. Such manipulation of the argument ID leads to cross site scripting.

This vulnerability is listed as CVE-2025-13856. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More