cleantalk
Vulnerabilities and Security Researches

Cloudflare, 1674fd5d30f242cd9c1196dcd4154e705baacb9c

CVE, Research URL

1674fd5d30f242cd9c1196dcd4154e705baacb9c

Home page URL

Security reports for Cloudflare

Application

Cloudflare

Published on
Mar 28, 2016
Research Description
Cloudflare [cloudflare] < 1.3.21 Cloudflare < 1.3.21 - Cross-Site Scripting The Cloudflare plugin for WordPress is vulnerable to Cross-Site Scripting via several parameters in versions before 1.3.21 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts that execute in a victim's browser.
Affected versions
max 1.3.21.
Status
vulnerable
Previous vulnerability researches
Video Analytics for Cloudflare Stream (CVE-2023-33999) , Jun 13, 2026
Video Analytics for Cloudflare Stream (4c17aaeb137b1b4d1db7fb193bb5506f568466d9) , Jun 07, 2024
CloudFlare(R) Cache Purge (CVE-2025-22332) , Feb 03, 2025
Simple Cloudflare Turnstile &#8211; CAPTCHA Alternative (CVE-2023-5135) , Jun 06, 2024
Simple Cloudflare Turnstile &#8211; CAPTCHA Alternative (CVE-2026-40799) , May 12, 2026
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026