CVE-2025-13889 | Simple Nivo Slider Plugin up to 0.5.6 on WordPress Shortcode ID cross site scripting

December 11, 2025 Yanac

A vulnerability identified as problematic has been detected in Simple Nivo Slider Plugin up to 0.5.6 on WordPress. This issue affects some unknown processing of the component Shortcode Handler. This manipulation of the argument ID causes cross site scripting.

This vulnerability is handled as CVE-2025-13889. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More