CVE-2025-1406 | s56bouya Newpost Catch Plugin up to 1.3.19 on WordPress Shortcode npc cross site scripting

CVE-2025-1406 | s56bouya Newpost Catch Plugin up to 1.3.19 on WordPress Shortcode npc cross site scripting

A vulnerability was found in s56bouya Newpost Catch Plugin up to 1.3.19 on WordPress. It has been rated as problematic. This issue affects the function npc of the component Shortcode Handler. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2025-1406. The attack may be initiated remotely. There is no exploit available.