CVE-2025-5233 | Color Palette Plugin up to 4.3.2 on WordPress hex cross site scripting

June 12, 2025 Yanac

A vulnerability was found in Color Palette Plugin up to 4.3.2 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument hex leads to cross site scripting.

This vulnerability is handled as CVE-2025-5233. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More

CVE-2025-5123 | Contact Us Page Plugin up to 3.7.4 on WordPress style cross site scripting
CVE-2025-5930 | WP2HTML Plugin up to 1.0.2 on WordPress Setting save cross-site request forgery