cleantalk
Vulnerabilities and Security Researches

xili-dictionary, CVE-2025-30840

CVE, Research URL

CVE-2025-30840

Home page URL

Security reports for xili-dictionary

Application

xili-dictionary

Published on
Apr 01, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michel - xiligroup dev xili-dictionary allows Reflected XSS. This issue affects xili-dictionary: from n/a through 2.12.5.
Affected versions
Min -, max 2.12.5.1.
Status
vulnerable
Previous vulnerability researches
Cart tracking for WooCommerce (d666481e974f21c6b520fbaf7e0c7d274c39fb4b) , Jun 07, 2024
Cart tracking for WooCommerce (CVE-2025-30791) , Mar 28, 2025
New vulnerability
Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links (CVE-2025-1264) , Apr 07, 2025
Advanced All in One Admin Search by WP Spotlight (CVE-2025-32261) , Apr 06, 2025
Free Booking Plugin for Hotels, Restaurant and Car Rental – eaSYNC (CVE-2025-32219) , Apr 06, 2025
Salon booking system (CVE-2025-32220) , Apr 06, 2025
1 Click WordPress Migration Plugin – 100% FREE for a limited time (CVE-2025-32257) , Apr 06, 2025