cleantalk
Vulnerabilities and Security Researches

WP Pipes, CVE-2025-28977

CVE, Research URL

CVE-2025-28977

Home page URL

Security reports for WP Pipes

Application

WP Pipes

Published on
Aug 20, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress WP Pipes allows Reflected XSS. This issue affects WP Pipes: from n/a through 1.4.3.
Affected versions
Min -, max 1.4.3.
Status
vulnerable
Previous vulnerability researches
Cookies and Content Security Policy (CVE-2025-51529) , Aug 20, 2025
Cookies and Content Security Policy (CVE-2023-40662) , Jun 07, 2024
New vulnerability
Notice Bar (CVE-2025-49389) , Aug 23, 2025
Testimonial (CVE-2025-49410) , Aug 23, 2025
SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) (CVE-2025-8607) , Aug 23, 2025
Terms of Service & Privacy Policy Generator (CVE-2025-49413) , Aug 23, 2025
Comments Capcha Box (CVE-2025-53226) , Aug 23, 2025