cleantalk
Vulnerabilities and Security Researches

Advanced iFrame, CVE-2026-25453

CVE, Research URL

CVE-2026-25453

Home page URL

Security reports for Advanced iFrame

Application

Advanced iFrame

Published on
Feb 19, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mdempfle Advanced iFrame advanced-iframe allows DOM-Based XSS.This issue affects Advanced iFrame: from n/a through <= 2025.10.
Affected versions
max 2025.10.
Status
vulnerable
Previous vulnerability researches
Booking Weir (2e61817c8a383fba887267b21f5423e453a335d3) , Jun 07, 2024
New vulnerability
Envo Extra (CVE-2026-32386) , Mar 30, 2026
WP TripAdvisor Review Slider (CVE-2026-32490) , Mar 30, 2026
AI ChatBot (CVE-2026-32499) , Mar 30, 2026
ViaBill &#8211; WooCommerce (CVE-2026-25469) , Mar 30, 2026
WP Courses LMS – Online Courses Builder, eLearning Courses, Courses Solution, Education Courses (CVE-2026-31914) , Mar 30, 2026