cleantalk
Vulnerabilities and Security Researches

Drop Caps, CVE-2025-46495

CVE, Research URL

CVE-2025-46495

Home page URL

Security reports for Drop Caps

Application

Drop Caps

Published on
Apr 24, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in tomontoast Drop Caps allows Stored XSS. This issue affects Drop Caps: from n/a through 2.1.
Affected versions
Min -, max 2.1.
Status
vulnerable
Previous vulnerability researches
Giveaway Boost (CVE-2024-49332) , Oct 20, 2024
New vulnerability
Aeropage Sync for Airtable (CVE-2025-3914) , Apr 27, 2025
Aeropage Sync for Airtable (CVE-2025-3915) , Apr 27, 2025
Add custom page template (CVE-2025-3491) , Apr 27, 2025
Ajax Comment Form CST (CVE-2025-3867) , Apr 27, 2025
Best Quiz Plugin for WordPress: WP Quiz (CVE-2025-46482) , Apr 27, 2025