CVE-2025-12017 | VNPAY Payment Gateway Plugin up to 1.0.0 on WordPress Message cross site scripting

A vulnerability, which was classified as problematic, has been found in VNPAY Payment Gateway Plugin up to 1.0.0 on WordPress. The impacted element is an unknown function. This manipulation of the argument Message causes cross site scripting.

This vulnerability appears as CVE-2025-12017. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More