cleantalk
Vulnerabilities and Security Researches

WP REST Cache, CVE-2026-25347

CVE, Research URL

CVE-2026-25347

Home page URL

Security reports for WP REST Cache

Application

WP REST Cache

Published on
Mar 25, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Acato WP REST Cache wp-rest-cache allows Stored XSS.This issue affects WP REST Cache: from n/a through <= 2026.1.0.
Affected versions
max 2026.1.0.
Status
vulnerable
Previous vulnerability researches
Hello Elementor (CVE-2024-31289) , Jun 10, 2024
Envo&#039;s Elementor Templates & Widgets for WooCommerce (CVE-2024-43292) , Aug 20, 2024
Envo&#039;s Elementor Templates & Widgets for WooCommerce (CVE-2024-0766) , Jun 10, 2024
Envo&#039;s Elementor Templates & Widgets for WooCommerce (CVE-2024-35167) , Jun 10, 2024
Envo&#039;s Elementor Templates & Widgets for WooCommerce (CVE-2024-50447) , Oct 27, 2024
New vulnerability
WP Booking Calendar (CVE-2026-32358) , Mar 29, 2026
Subscriptions for WooCommerce &#8211; Subscription Plugin for Collecting Recurring Revenue, Sell Membership Subscription Servic (CVE-2026-24372) , Mar 29, 2026
Meta Box &#8211; WordPress Custom Fields Framework (CVE-2025-14675) , Mar 29, 2026
Admin and Site Enhancements (ASE) (CVE-2026-32423) , Mar 29, 2026
Royal Elementor Addons and Templates (CVE-2026-28135) , Mar 29, 2026