cleantalk
Vulnerabilities and Security Researches

Review Disclaimer, CVE-2025-67628

CVE, Research URL

CVE-2025-67628

Home page URL

Security reports for Review Disclaimer

Application

Review Disclaimer

Published on
Dec 24, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AMP-MODE Review Disclaimer review-disclaimer allows Stored XSS.This issue affects Review Disclaimer: from n/a through <= 2.0.3.
Affected versions
max 2.0.3.
Status
vulnerable
Previous vulnerability researches
BeerXML Shortcode (CVE-2025-46511) , Apr 26, 2025
New vulnerability
WPForms Google Sheet Connector (CVE-2025-67570) , Jan 11, 2026
Contact Form Email (CVE-2025-10019) , Jan 11, 2026
WING WordPress Migrator (CVE-2025-52835) , Jan 10, 2026
WP Webhooks &#8211; Automate repetitive tasks by creating powerful automation workflows directly within WordPress (CVE-2025-66074) , Jan 10, 2026
1180px Shortcodes (CVE-2025-14114) , Jan 10, 2026