cleantalk
Vulnerabilities and Security Researches

Essential Widgets, CVE-2025-67543

CVE, Research URL

CVE-2025-67543

Home page URL

Security reports for Essential Widgets

Application

Essential Widgets

Published on
Dec 09, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Catch Themes Essential Widgets essential-widgets allows Stored XSS.This issue affects Essential Widgets: from n/a through <= 2.2.2.
Affected versions
max 2.2.2.
Status
vulnerable
Previous vulnerability researches
Essential Widgets (CVE-2026-0867) , Apr 15, 2026
Essential Widgets (CVE-2025-67543) , Jan 10, 2026
Essential Widgets (CVE-2021-24752) , Jun 07, 2024
New vulnerability
Customer Reviews for WooCommerce (CVE-2026-1316) , Apr 15, 2026
WP Recipe Maker (CVE-2026-1558) , Apr 15, 2026
Page and Post Clone (CVE-2026-2893) , Apr 15, 2026
Greenshift &#8211; animation and page builder blocks (CVE-2026-2589) , Apr 15, 2026
Greenshift &#8211; animation and page builder blocks (CVE-2026-1927) , Apr 15, 2026