cleantalk
Vulnerabilities and Security Researches

Simple SEO, CVE-2025-10357

CVE, Research URL

CVE-2025-10357

Home page URL

Security reports for Simple SEO

Application

Simple SEO

Published on
Oct 14, 2025
Research Description
The Simple SEO WordPress plugin before 2.0.32 does not sanitise and escape some parameters when outputing them in the page, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks.
Affected versions
max 2.0.32.
Status
vulnerable
Previous vulnerability researches
Inpersttion For Theme (CVE-2025-8905) , Aug 16, 2025
New vulnerability
Demo Import Kit (CVE-2025-10051) , Nov 11, 2025
Slider Templates (CVE-2025-62988) , Nov 11, 2025
bbPress Notify (No-Spam) (CVE-2025-49962) , Nov 11, 2025
Multilang Contact Form (CVE-2025-62896) , Nov 11, 2025
Simple Stripe Checkout (CVE-2025-49963) , Nov 11, 2025