Hong Kong Security Alert Cross Site Scripting(CVE202512661)

byWP Security Vulnerability Report
November 20, 2025
No comments
1 minute read

Cross Site Scripting (XSS) in WordPress Pollcaster Shortcode Plugin Plugin

I can do that — please paste the blog content you want converted.

A few quick questions to make sure I format it exactly as you need:
– Do you want a title, author name, and publish date included? If so, provide them or say to use defaults.
– Any images, code blocks, or inline links I should preserve or add?
– Do you want headings converted to

/

etc., and paragraphs to

? (Default: yes.)
– Confirm you want the provided responsive vulnerability summary table inserted at the very top (I will do that).

Once you paste the blog text I will return the full HTML-ready post (no leading “`html) in a Hong Kong Security Expert tone, with all vendor recommendations removed.

Tags:
WordPress Security

WP Security Vulnerability Report

— Previous article

Security Advisory Royal Elementor Addons XSS(CVE20255092)

Next article —

Hong Kong NGO Alert Bulma Shortcodes XSS(CVE202511802)

ContentMX Plugin CSRF Community Advisory(CVE20259889)

October 3, 2025

WordPress ContentMX Content Publisher plugin <= 1.0.6 - Cross-Site Request Forgery vulnerability

WWordPress Vulnerability Database

Here are some options under seven words: – HK Security NGO Alerts Elementor Addons XSS – Hong Kong Security NGO Alerts Elementor XSS – HK Security NGO Warns Elementor XSS(CVE20258451)

August 14, 2025

WordPress Essential Addons for Elementor plugin <= 6.2.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'data-gallery-items' vulnerability

WWordPress Vulnerability Database