cleantalk
Vulnerabilities and Security Researches

WP24 Domain Check, 78ea2ec0fca01dd53451fe8e05374ed7fbe409bb

CVE, Research URL

78ea2ec0fca01dd53451fe8e05374ed7fbe409bb

Home page URL

Security reports for WP24 Domain Check

Application

WP24 Domain Check

Published on
Jan 06, 2021
Research Description
WP24 Domain Check [wp24-domain-check] < 1.6.3 WP24 Domain Check <= 1.6.2 - Cross-Site Scripting The WP24 Domain Check plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, and including, 1.6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions
max 1.6.3.
Status
vulnerable
Previous vulnerability researches
Elizaibots (CVE-2025-49893) , Aug 20, 2025
Elizaibots (abcf8d2a13b3fd2324a04f9724e5ac9347743677) , Jun 16, 2026
New vulnerability
WordPress Tag and Category Manager &#8211; AI Autotagger (725f4d7ae3507b77a248c59e57beafdb1cafb51e) , Jun 16, 2026
WordPress Tag and Category Manager &#8211; AI Autotagger (b906aa3b9e061a276e110ef20b96ef5743bb2f5d) , Jun 16, 2026
Tooltipy (tooltips for WP) (e0fa0cd5d5c81f9f61dd0532a811001ce998b39c) , Jun 16, 2026
Tooltipy (tooltips for WP) (4e1d4e1d-7512-43ff-bf85-f9c31da730fe) , Jun 16, 2026
Tooltipy (tooltips for WP) (88fba72c-5166-4be7-8fab-cab8379434b1) , Jun 16, 2026