cleantalk
Vulnerabilities and Security Researches

Mini twitter feed, CVE-2025-46496

CVE, Research URL

CVE-2025-46496

Home page URL

Security reports for Mini twitter feed

Application

Mini twitter feed

Published on
Apr 24, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in oniswap Mini twitter feed allows Stored XSS. This issue affects Mini twitter feed: from n/a through 3.0.
Affected versions
Min -, max 3.0.
Status
vulnerable
Previous vulnerability researches
Giveaway Boost (CVE-2024-49332) , Oct 20, 2024
Giveaways and Contests by PromoSimple (CVE-2025-23934) , Jan 18, 2025
WPExperts Square For GiveWP (CVE-2024-13713) , Feb 22, 2025
WPExperts Square For GiveWP (CVE-2024-47338) , Sep 30, 2024
Scratch & Win – Giveaways and Contests. Boost subscribers, traffic, repeat visits, referrals, sales and more (CVE-2024-11898) , Dec 06, 2024
New vulnerability
Control Listings – Classifieds Ads Directory Portal Manager (CVE-2025-46234) , Apr 26, 2025
WordPress Tooltip (CVE-2025-46532) , Apr 26, 2025
Business Contact Widget (CVE-2025-46529) , Apr 26, 2025
Drop Caps (CVE-2025-46495) , Apr 26, 2025
WpZon – Amazon Affiliate Plugin (CVE-2025-46506) , Apr 26, 2025