CVE-2025-11857

Overview

The XX2WP Integration Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'mxp_fb2wp_display_embed' shortcode in all versions up to, and including, 1.9.9. This is due to the plugin not properly sanitizing user input and output of the 'post_id' parameter. This makes it pos...

Critical

Low

Medium

No items found.

Package:

Impact:

Fix:

Year:

CVSS:

Severity:

CVE-2025-11857

Overview

Affected Components

Location

Stop the waste.
Protect your environment with Kodem.

CVE-2025-11857

Overview

Affected Components

Location

Stop the waste.Protect your environment with Kodem.

Stop the waste.
Protect your environment with Kodem.