CVE-2025-11875 | SpendeOnline.org Plugin up to 3.0.1 on WordPress Shortcode spendeonline cross site scripting

October 24, 2025 Yanac

A vulnerability categorized as problematic has been discovered in SpendeOnline.org Plugin up to 3.0.1 on WordPress. This affects the function spendeonline of the component Shortcode Handler. Executing manipulation can lead to cross site scripting.

This vulnerability appears as CVE-2025-11875. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More