CVE-2025-13900 | WP Popup Magic Plugin up to 1.0.0 on WordPress Shortcode wppum_end Name cross site scripting

A vulnerability was found in WP Popup Magic Plugin up to 1.0.0 on WordPress. It has been declared as problematic. This issue affects the function wppum_end of the component Shortcode Handler. Executing a manipulation of the argument Name can lead to cross site scripting.

The identification of this vulnerability is CVE-2025-13900. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More