CVE-2025-5125

Name of the Vulnerable Software and Affected Versions Custom Post Carousels with Owl WordPress plugin versions prior to 1.4.12

Description The issue concerns the use of the featherlight library and the data-featherlight attribute without proper sanitization. This could potentially lead to security issues, as unsanitized input can be exploited.

Recommendations For versions prior to 1.4.12, update to version 1.4.12 or later to resolve the issue. As a temporary workaround, consider disabling the use of the featherlight library until a patch is available. Restrict access to the data-featherlight attribute to minimize the risk of exploitation.