cleantalk
Vulnerabilities and Security Researches

Uncanny Toolkit for LearnDash, CVE-2025-57988

CVE, Research URL

CVE-2025-57988

Home page URL

Security reports for Uncanny Toolkit for LearnDash

Application

Uncanny Toolkit for LearnDash

Published on
Sep 23, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash uncanny-learndash-toolkit allows Stored XSS.This issue affects Uncanny Toolkit for LearnDash: from n/a through <= 3.7.0.3.
Affected versions
max 3.7.0.4.
Status
vulnerable
Previous vulnerability researches
B Blocks &#8211; The ultimate block collection (CVE-2026-32489) , Mar 29, 2026
B Blocks &#8211; The ultimate block collection (CVE-2025-8059) , Aug 12, 2025
B Blocks &#8211; The ultimate block collection (ca74bacceb60973eeb228d127379636c61208cb5) , Jun 07, 2024
B Blocks &#8211; The ultimate block collection (CVE-2025-32173) , Apr 06, 2025
B Blocks &#8211; The ultimate block collection (CVE-2026-39579) , Apr 23, 2026
New vulnerability
Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag &amp; Drop WP Form Builder (CVE-2025-9260) , Apr 23, 2026
Text Snippets (CVE-2026-5748) , Apr 23, 2026
Bread &amp; Butter: real lead capture, gated content &amp; newsletter opt-ins (CVE-2026-4279) , Apr 23, 2026
WP News and Scrolling Widgets (CVE-2026-6443) , Apr 23, 2026
Event Manager, Events Calendar, Events Tickets for WooCommerce &#8211; Eventin (CVE-2025-7813) , Apr 23, 2026