cleantalk
Vulnerabilities and Security Researches

Heateor Social Login WordPress, CVE-2024-35707

CVE, Research URL

CVE-2024-35707

Home page URL

Security reports for Heateor Social Login WordPress

Application

Heateor Social Login WordPress

Published on
Jun 08, 2024
Research Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Team Heateor Heateor Social Login allows Stored XSS.This issue affects Heateor Social Login: from n/a through 1.1.32.
Affected versions
max 1.1.33.
Status
vulnerable
Previous vulnerability researches
Heateor Social Login WordPress (CVE-2025-68998) , Jan 10, 2026
Heateor Social Login WordPress (CVE-2024-24712) , Jun 07, 2024
Heateor Social Login WordPress (CVE-2024-32674) , Jun 07, 2024
Heateor Social Login WordPress (CVE-2024-35706) , Jun 10, 2024
Heateor Social Login WordPress (CVE-2024-35707) , Jun 10, 2024
New vulnerability
Pure WC Variation Swatches (CVE-2025-12820) , Jan 11, 2026
WP Scraper (CVE-2025-62088) , Jan 11, 2026
Chat Widget: Customer Support Button with SMS Call Button, Click to Chat Messenger Live Chat Support Chat Button – Bit As (CVE-2025-68596) , Jan 11, 2026
Free Follow-Up Emails & Marketing Automation for WooCommerce – ShopMagic (CVE-2025-69093) , Jan 11, 2026
SALESmanago (CVE-2025-68571) , Jan 11, 2026