CVE-2025-4775 | Infinite Scroll Plugin up to 7.4.0.1 on WordPress HTML Attribute data-button-label HTML injection

June 16, 2025 Yanac

A vulnerability, which was classified as problematic, has been found in Infinite Scroll Plugin up to 7.4.0.1 on WordPress. This issue affects some unknown processing of the component HTML Attribute Handler. The manipulation of the argument data-button-label leads to HTML injection.

The identification of this vulnerability is CVE-2025-4775. The attack may be initiated remotely. There is no exploit available.VulDB Recent EntriesRead More