Stored Cross-Site Scripting Vulnerability in UIUX Lab Uix Shortcodes Plugin

CVE-2025-39574

Summary

A vulnerability exists in the UIUX Lab Uix Shortcodes plugin that allows attackers to execute stored cross-site scripting (XSS) attacks. This issue arises from improper handling of input during the generation of web pages. An attacker can exploit this flaw to inject malicious scripts, which may lead to unauthorized access to user data or the execution of harmful actions within the context of the affected web application. This vulnerability impacts Uix Shortcodes from n/a through version 2.0.4, necessitating immediate attention from users to mitigate potential risks.

References