CVE-2025-10178 | CM Business Directory Plugin up to 1.5.2 on WordPress Shortcode cmbd_featured_image cross site scripting

A vulnerability marked as problematic has been reported in CM Business Directory Plugin up to 1.5.2 on WordPress. The affected element is the function cmbd_featured_image of the component Shortcode Handler. This manipulation causes cross site scripting.

This vulnerability appears as CVE-2025-10178. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More