CVE-2025-12651 | Live Photos on Plugin up to 0.1 on WordPress Shortcode video_src/img_src/class cross site scripting

A vulnerability marked as problematic has been reported in Live Photos on Plugin up to 0.1 on WordPress. Affected by this vulnerability is an unknown functionality of the component Shortcode Handler. The manipulation of the argument video_src/img_src/class leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-12651. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More