cleantalk
Vulnerabilities and Security Researches

Inspectlet – User Session Recording and Heatmaps, CVE-2025-49048

CVE, Research URL

CVE-2025-49048

Home page URL

Security reports for Inspectlet – User Session Recording and Heatmaps

Application

Inspectlet – User Session Recording and Heatmaps

Published on
Aug 14, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in inspectlet Inspectlet – User Session Recording and Heatmaps allows Stored XSS. This issue affects Inspectlet – User Session Recording and Heatmaps: from n/a through 2.0.
Affected versions
Min -, max 2.0.
Status
vulnerable
Previous vulnerability researches
12 Step Meeting List (CVE-2025-24582) , Jan 26, 2025
12 Step Meeting List (CVE-2025-24580) , Jan 26, 2025
12 Step Meeting List (CVE-2023-46641) , Jun 07, 2024
12 Step Meeting List (CVE-2024-35693) , Jun 10, 2024
12 Step Meeting List (CVE-2025-24583) , Apr 19, 2025
New vulnerability
Taxi Booking Manager for WooCommerce – WordPress plugin | Ecab (CVE-2025-8898) , Aug 16, 2025
Inspectlet – User Session Recording and Heatmaps (CVE-2025-49048) , Aug 16, 2025
B Slider – Slider for your block editor (CVE-2025-8676) , Aug 16, 2025
B Slider – Slider for your block editor (CVE-2025-8680) , Aug 16, 2025
Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress (CVE-2025-55708) , Aug 16, 2025