CVE-2025-11737 | VK All in One Expansion Unit Plugin up to 9.112.3 on WordPress SNS Title vkExUnit_sns_title cross site scripting

A vulnerability, which was classified as problematic, was found in VK All in One Expansion Unit Plugin up to 9.112.3 on WordPress. This affects an unknown part of the component SNS Title Handler. Executing a manipulation of the argument vkExUnit_sns_title can lead to cross site scripting.

This vulnerability appears as CVE-2025-11737. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More