cleantalk
Vulnerabilities and Security Researches

Custom Smilies, CVE-2025-28917

CVE, Research URL

CVE-2025-28917

Home page URL

Security reports for Custom Smilies

Application

Custom Smilies

Published on
Mar 26, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Custom Smilies allows Stored XSS. This issue affects Custom Smilies: from n/a through 2.9.2.
Affected versions
Min -, max 2.9.2.
Status
vulnerable
Previous vulnerability researches
Custom Smilies (CVE-2025-32482) , Apr 11, 2025
Custom Smilies (CVE-2025-28917) , Mar 27, 2025
New vulnerability
WordPress Job Board and Recruitment Plugin – JobWP (CVE-2025-2010) , Apr 20, 2025
WP Logger (CVE-2025-39456) , Apr 20, 2025
visualslider Sldier (CVE-2025-23448) , Apr 20, 2025
RSS Manager (CVE-2025-39418) , Apr 20, 2025
Contact Form vCard Generator (CVE-2025-39521) , Apr 20, 2025