cleantalk
Vulnerabilities and Security Researches

Custom Sidebars – Dynamic Sidebar Widget Area Manager, 031d4558291f173203208ade5caa0576b679bd4d

CVE, Research URL

031d4558291f173203208ade5caa0576b679bd4d

Home page URL

Security reports for Custom Sidebars – Dynamic Sidebar Widget Area Manager

Application

Custom Sidebars – Dynamic Sidebar Widget Area Manager

Published on
Jan 11, 2015
Research Description
Custom Sidebars &#8211; Dynamic Sidebar Classic Widget Area Manager [custom-sidebars] < 2.1.0.2 Custom Sidebars < 2.1.0.2 - Reflected Cross Site Scripting The Custom Sidebars plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the cs-msg parameter in versions up to, and including, 2.1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Affected versions
max 2.1.0.2.
Status
vulnerable
Previous vulnerability researches
Custom Sidebars by ProteusThemes (CVE-2025-62733) , Dec 11, 2025
Custom Sidebars &#8211; Dynamic Sidebar Widget Area Manager (CVE-2017-18511) , Jun 07, 2024
Custom Sidebars &#8211; Dynamic Sidebar Widget Area Manager (CVE-2017-18510) , Jun 07, 2024
Custom Sidebars &#8211; Dynamic Sidebar Widget Area Manager (9539c0ea-1a75-4509-9415-30598fa78c12) , Jun 16, 2026
Custom Sidebars &#8211; Dynamic Sidebar Widget Area Manager (3e34ba3532550ca1a8f1b12fe60f0433986b4cbb) , Jun 16, 2026
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026