cleantalk
Vulnerabilities and Security Researches

Hacklog Remote Attachment, CVE-2025-46530

CVE, Research URL

CVE-2025-46530

Home page URL

Security reports for Hacklog Remote Attachment

Application

Hacklog Remote Attachment

Published on
Apr 24, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in HuangYe WuDeng Hacklog Remote Attachment allows Stored XSS. This issue affects Hacklog Remote Attachment: from n/a through 1.3.2.
Affected versions
Min -, max 1.3.2.
Status
vulnerable
Previous vulnerability researches
Giveaway Boost (CVE-2024-49332) , Oct 20, 2024
New vulnerability
Control Listings – Classifieds Ads Directory Portal Manager (CVE-2025-46234) , Apr 26, 2025
WordPress Tooltip (CVE-2025-46532) , Apr 26, 2025
Business Contact Widget (CVE-2025-46529) , Apr 26, 2025
Drop Caps (CVE-2025-46495) , Apr 26, 2025
WpZon – Amazon Affiliate Plugin (CVE-2025-46506) , Apr 26, 2025