WordPress Info Boxes Shortcode and Widget plugin <= 1.15 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Info Boxes Shortcode and Widget versions = 1.15...

CVE-2025-30541 WordPress Info Boxes Shortcode And Widgets plugin <= 1.15 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in OTWthemes Info Boxes Shortcode and Widget allows Cross Site Request Forgery. This issue affects Info Boxes Shortcode and Widget: from n/a through 1.15...

CVE-2025-30541

CVE-2025-30541 is a CSRF vulnerability in the WordPress plugin “Info Boxes Shortcode and Widget.” Affected versions are up to 1.15 (from n/a through 1.15). The CVSS 3.1 base metrics indicate an overall MEDIUM impact (4.3), requiring user interaction with networked access and low attack complexity...

WordPress plugin Info Boxes Shortcode and Widget 跨站请求伪造漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists in WordPress plugin Info Boxes...