cleantalk
Vulnerabilities and Security Researches

WP2LEADS | WordPress und KlickTipp einfach verbinden – WooCommerce und KlickTipp einfach verbinden, CVE-2025-32922

CVE, Research URL

CVE-2025-32922

Home page URL

Security reports for WP2LEADS | WordPress und KlickTipp einfach verbinden – WooCommerce und KlickTipp einfach verbinden

Application

WP2LEADS | WordPress und KlickTipp einfach verbinden – WooCommerce und KlickTipp einfach verbinden

Published on
May 16, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Tobias WP2LEADS allows Stored XSS.This issue affects WP2LEADS: from n/a through 3.5.0.
Affected versions
Min -, max 3.5.0.
Status
vulnerable
Previous vulnerability researches
Emails Blacklist for Everest Forms (4e0b8221f9787e16f8849dff3026eadc73126b28) , Jun 07, 2024
New vulnerability
UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Element (CVE-2025-48131) , May 18, 2025
Simple Lightbox (CVE-2025-3516) , May 18, 2025
RS WP Book ShowCase – WordPress Book Gallery Plugin (Book Slider, Book Carousel, Book Grid, Book List)) (CVE-2025-48119) , May 18, 2025
ProfileGrid – User Profiles, Memberships, Groups and Communities (CVE-2025-48079) , May 18, 2025
Estatik Mortgage Calculator (CVE-2025-48136) , May 18, 2025