cleantalk
Vulnerabilities and Security Researches

WordPress Spam Blocker | Stop Spam for Contact Form 7, WP Forms and Formidable Forms, CVE-2025-32581

CVE, Research URL

CVE-2025-32581

Home page URL

Security reports for WordPress Spam Blocker | Stop Spam for Contact Form 7, WP Forms and Formidable Forms

Application

WordPress Spam Blocker | Stop Spam for Contact Form 7, WP Forms and Formidable Forms

Published on
Apr 09, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ankit Singla WordPress Spam Blocker allows Stored XSS. This issue affects WordPress Spam Blocker: from n/a through 2.0.4.
Affected versions
Min -, max 2.0.4.
Status
vulnerable
Previous vulnerability researches
Arrow Maps – Custom Maps for WordPress (CVE-2025-28858) , Mar 28, 2025
New vulnerability
WPCOM Member (CVE-2025-39570) , Apr 18, 2025
ElementsReady Addons for Elementor (CVE-2025-39546) , Apr 18, 2025
WordPress Internal Link Optimiser (CVE-2025-39547) , Apr 18, 2025
Silvasoft boekhouden (CVE-2025-32504) , Apr 18, 2025
WP Editor (CVE-2025-3295) , Apr 18, 2025