cleantalk
Vulnerabilities and Security Researches

bunny.net – WordPress CDN Plugin, CVE-2025-48236

CVE, Research URL

CVE-2025-48236

Published on
May 19, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bunny.net bunny.net allows Stored XSS. This issue affects bunny.net: from n/a through 2.3.0.
Affected versions
Min -, max 2.3.1.
Status
vulnerable