cleantalk
Vulnerabilities and Security Researches

Quick Favicon, CVE-2025-53287

CVE, Research URL

CVE-2025-53287

Home page URL

Security reports for Quick Favicon

Application

Quick Favicon

Published on
Jun 27, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Robert Cummings Quick Favicon allows Stored XSS. This issue affects Quick Favicon: from n/a through 0.22.8.
Affected versions
Min -, max 0.22.8.
Status
vulnerable
Previous vulnerability researches
Availability Calendar (CVE-2025-46528) , Apr 26, 2025
Availability Calendar (CVE-2023-48744) , Jun 07, 2024
Availability Calendar (CVE-2021-24604) , Jun 07, 2024
Availability Calendar (CVE-2021-24606) , Jun 07, 2024
WP iCal Availability (CVE-2023-46607) , Jun 10, 2024
New vulnerability
Spoki – Chat Buttons and WooCommerce Notifications (CVE-2025-50026) , Jul 03, 2025
Amazon Products to WooCommerce (CVE-2025-5813) , Jul 03, 2025
Breeze – WordPress Cache Plugin (CVE-2025-23999) , Jul 03, 2025
Twitch TV Embed Suite (CVE-2025-53313) , Jul 03, 2025
re.place (CVE-2025-53338) , Jul 03, 2025