cleantalk
Vulnerabilities and Security Researches

WP Notes Widget, CVE-2025-48121

CVE, Research URL

CVE-2025-48121

Home page URL

Security reports for WP Notes Widget

Application

WP Notes Widget

Published on
May 16, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Steve Puddick WP Notes Widget allows DOM-Based XSS. This issue affects WP Notes Widget: from n/a through 1.0.6.
Affected versions
Min -, max 1.0.6.
Status
vulnerable
Previous vulnerability researches
EG-Series (CVE-2025-4126) , May 16, 2025
New vulnerability
Bold Page Builder (CVE-2025-3715) , May 18, 2025
Wise Chat (CVE-2024-13613) , May 18, 2025
WP Booking Calendar (CVE-2025-4669) , May 18, 2025
WooCommerce POS (CVE-2025-48117) , May 18, 2025
BERTHA AI. Your AI co-pilot for WordPress and Chrome (CVE-2025-48138) , May 18, 2025