cleantalk
Vulnerabilities and Security Researches

ActiveCampaign – Forms, Site Tracking, Live Chat, CVE-2025-32136

CVE, Research URL

CVE-2025-32136

Home page URL

Security reports for ActiveCampaign – Forms, Site Tracking, Live Chat

Application

ActiveCampaign – Forms, Site Tracking, Live Chat

Published on
Apr 04, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in activecampaign ActiveCampaign allows Stored XSS. This issue affects ActiveCampaign: from n/a through 8.1.16.
Affected versions
Min -, max 8.1.16.
Status
vulnerable
Previous vulnerability researches
Starter Templates — Elementor, WordPress & Beaver Builder Templates (CVE-2023-41805) , Jun 10, 2024
Starter Templates — Elementor, WordPress & Beaver Builder Templates (CVE-2024-47345) , Sep 30, 2024
Starter Templates — Elementor, WordPress & Beaver Builder Templates , Dec 24, 2024
Starter Templates — Elementor, WordPress & Beaver Builder Templates (CVE-2025-24568) , Jan 25, 2025
Starter Templates — Elementor, WordPress & Beaver Builder Templates (CVE-2024-4630) , Jun 06, 2024
New vulnerability
Advanced All in One Admin Search by WP Spotlight (CVE-2025-32261) , Apr 06, 2025
Free Booking Plugin for Hotels, Restaurant and Car Rental – eaSYNC (CVE-2025-32219) , Apr 06, 2025
Salon booking system (CVE-2025-32220) , Apr 06, 2025
1 Click WordPress Migration Plugin – 100% FREE for a limited time (CVE-2025-32257) , Apr 06, 2025
Sparkle Elementor Kit (CVE-2025-32157) , Apr 06, 2025