cleantalk
Vulnerabilities and Security Researches

WP Notes Widget, CVE-2025-48121

CVE, Research URL

CVE-2025-48121

Home page URL

Security reports for WP Notes Widget

Application

WP Notes Widget

Published on
May 16, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Steve Puddick WP Notes Widget allows DOM-Based XSS. This issue affects WP Notes Widget: from n/a through 1.0.6.
Affected versions
Min -, max 1.0.6.
Status
vulnerable
Previous vulnerability researches
The GDPR Framework By Data443 (CVE-2024-13621) , May 17, 2025
New vulnerability
WooCommerce POS (CVE-2025-48117) , May 18, 2025
BERTHA AI. Your AI co-pilot for WordPress and Chrome (CVE-2025-48138) , May 18, 2025
SEO Flow by LupsOnline (CVE-2025-48146) , May 18, 2025
MultiVendorX Marketplace – WooCommerce MultiVendor Marketplace Solution (CVE-2025-4101) , May 18, 2025
WP Tabs – Responsive Tabs Plugin for WordPress (CVE-2025-48134) , May 18, 2025