cleantalk
Vulnerabilities and Security Researches

Code Snippets, CVE-2021-25008

CVE, Research URL

CVE-2021-25008

Home page URL

Security reports for Code Snippets

Application

Code Snippets

Published on
Jan 24, 2022
Research Description
The Code Snippets WordPress plugin before 2.14.3 does not escape the snippets-safe-mode parameter before outputting it back in attributes, leading to a Reflected Cross-Site Scripting issue
Affected versions
max 2.14.3.
Status
vulnerable
Previous vulnerability researches
Code Snippets CPT (CVE-2024-13895) , Mar 08, 2025
Easy Code Snippets (CVE-2025-23780) , Jan 18, 2025
Easy Code Snippets (CVE-2022-4974) , Nov 15, 2024
Easy Code Snippets (CVE-2024-11464) , Dec 08, 2024
Easy Code Snippets (9c520bd00fffb08cd81aff79a4b766b6b389dacd) , Jun 07, 2024
New vulnerability
WPForms Google Sheet Connector (CVE-2025-67570) , Jan 11, 2026
Contact Form Email (CVE-2025-10019) , Jan 11, 2026
WING WordPress Migrator (CVE-2025-52835) , Jan 10, 2026
WP Webhooks – Automate repetitive tasks by creating powerful automation workflows directly within WordPress (CVE-2025-66074) , Jan 10, 2026
1180px Shortcodes (CVE-2025-14114) , Jan 10, 2026