cleantalk
Vulnerabilities and Security Researches

Advanced iFrame, CVE-2026-25453

CVE, Research URL

CVE-2026-25453

Home page URL

Security reports for Advanced iFrame

Application

Advanced iFrame

Published on
Feb 19, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mdempfle Advanced iFrame advanced-iframe allows DOM-Based XSS.This issue affects Advanced iFrame: from n/a through <= 2025.10.
Affected versions
max 2025.10.
Status
vulnerable
Previous vulnerability researches
ZooEffect Plugin for Video player, Photo Gallery Slideshow jQuery and audio / music / podcast &#8211; HTML5 (CVE-2023-1427) , Jun 06, 2024
ZooEffect Plugin for Video player, Photo Gallery Slideshow jQuery and audio / music / podcast &#8211; HTML5 (CVE-2011-5180) , Jun 06, 2024
ZooEffect Plugin for Video player, Photo Gallery Slideshow jQuery and audio / music / podcast &#8211; HTML5 (CVE-2025-26954) , Apr 17, 2025
New vulnerability
ViaBill &#8211; WooCommerce (CVE-2026-25469) , Mar 30, 2026
WP Courses LMS – Online Courses Builder, eLearning Courses, Courses Solution, Education Courses (CVE-2026-31914) , Mar 30, 2026
YML for Yandex Market (CVE-2026-32567) , Mar 30, 2026
OVRI Payment (CVE-2024-10938) , Mar 30, 2026
Textmetrics (CVE-2026-32331) , Mar 30, 2026