cleantalk
Vulnerabilities and Security Researches

WordPress Tooltip, CVE-2025-46532

CVE, Research URL

CVE-2025-46532

Home page URL

Security reports for WordPress Tooltip

Application

WordPress Tooltip

Published on
Apr 24, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Haris Zulfiqar Tooltip allows DOM-Based XSS. This issue affects Tooltip: from n/a through 1.0.1.
Affected versions
Min -, max 1.0.1.
Status
vulnerable
Previous vulnerability researches
Giveaway Boost (CVE-2024-49332) , Oct 20, 2024
New vulnerability
Prevent Direct Access – Protect WordPress Files (CVE-2025-3923) , Apr 27, 2025
Prevent Direct Access – Protect WordPress Files (CVE-2025-3861) , Apr 27, 2025
Aeropage Sync for Airtable (CVE-2025-3914) , Apr 27, 2025
Aeropage Sync for Airtable (CVE-2025-3915) , Apr 27, 2025
Add custom page template (CVE-2025-3491) , Apr 27, 2025