CVE-2025-12650 | Simple Post Listing Plugin up to 0.2 on WordPress Postlist Shortcode class_name cross site scripting

A vulnerability was found in Simple Post Listing Plugin up to 0.2 on WordPress. It has been classified as problematic. The affected element is an unknown function of the component Postlist Shortcode Handler. This manipulation of the argument class_name causes cross site scripting.

This vulnerability is registered as CVE-2025-12650. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More