CVE-2025-5125 Information

Description

The Custom Post Carousels with Owl WordPress plugin before 1.4.12 uses the featherlight library and makes use of the data-featherlight attribute without sanitizing before using it.

Reference

https://wpscan.com/vulnerability/aaf9e3f8-b312-432d-a635-6fe89ff8d13f/

Related CNNVD

CNNVD-202506-2628 (Published: 2025-06-20)