cleantalk
Vulnerabilities and Security Researches

WP Twitter Button, CVE-2025-39420

CVE, Research URL

CVE-2025-39420

Home page URL

Security reports for WP Twitter Button

Application

WP Twitter Button

Published on
Apr 17, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ruudkok WP Twitter Button allows Stored XSS. This issue affects WP Twitter Button: from n/a through 1.4.1.
Affected versions
Min -, max 1.4.1.
Status
vulnerable
Previous vulnerability researches
Cart66 Cloud :: WordPress Ecommerce The Easy Way (CVE-2025-32653) , Apr 17, 2025
Cart66 Cloud :: WordPress Ecommerce The Easy Way (CVE-2025-2841) , Apr 13, 2025
New vulnerability
All push notification for WP (CVE-2025-32546) , Apr 19, 2025
Hotel Booking (CVE-2025-39526) , Apr 19, 2025
TableOn – WordPress Posts Table Filterable  (CVE-2025-32592) , Apr 19, 2025
WP Social Bookmarking (CVE-2025-39422) , Apr 19, 2025
Anthologize (CVE-2025-39437) , Apr 19, 2025