cleantalk
Vulnerabilities and Security Researches

IP2Location Variables, CVE-2025-39455

CVE, Research URL

CVE-2025-39455

Home page URL

Security reports for IP2Location Variables

Application

IP2Location Variables

Published on
Apr 17, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in ip2location IP2Location Variables allows Reflected XSS. This issue affects IP2Location Variables: from n/a through 2.9.5.
Affected versions
Min -, max 2.9.6.
Status
vulnerable
Previous vulnerability researches
Greek Multi Tool – Fix peralinks, accents, auto create menus and more (CVE-2025-30797) , Apr 03, 2025
Greek Multi Tool – Fix peralinks, accents, auto create menus and more (92f39676e7503fa50c518878fe29e023c4764539) , Mar 07, 2025
New vulnerability
WP Logger (CVE-2025-39456) , Apr 20, 2025
visualslider Sldier (CVE-2025-23448) , Apr 20, 2025
RSS Manager (CVE-2025-39418) , Apr 20, 2025
Contact Form vCard Generator (CVE-2025-39521) , Apr 20, 2025
AdminQuickbar (CVE-2025-39464) , Apr 20, 2025