cleantalk
Vulnerabilities and Security Researches

Cool Author Box – For Widget and Post Content, fbeb6eb681ba1e4d98291e58119ab2ce3efdce86

CVE, Research URL

fbeb6eb681ba1e4d98291e58119ab2ce3efdce86

Home page URL

Security reports for Cool Author Box – For Widget and Post Content

Application

Cool Author Box – For Widget and Post Content

Published on
Jul 18, 2023
Research Description
Cool Author Box &#8211; For Widget and Post Content [hm-cool-author-box-widget] < 2.9.6 WordPress Cool Author Box - For Widget and Post Content Plugin <= 2.9.5 is vulnerable to Cross Site Scripting (XSS) No patched version available. Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Cool Author Box - For Widget and Post Content Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has not been known to be fixed yet.
Affected versions
Min -, max 2.9.6.
Status
vulnerable
Previous vulnerability researches
Cool Author Box &#8211; For Widget and Post Content (fbeb6eb681ba1e4d98291e58119ab2ce3efdce86) , Jun 06, 2024
Cool Author Box &#8211; For Widget and Post Content (CVE-2025-30830) , Apr 02, 2025
Cool Author Box &#8211; For Widget and Post Content (CVE-2025-47447) , May 09, 2025
New vulnerability
1 Click WordPress Migration Plugin &#8211; 100% FREE for a limited time (CVE-2025-3455) , May 10, 2025
EUCookieLaw (CVE-2025-3897) , May 10, 2025
Frontend Login and Registration Blocks (CVE-2025-3605) , May 10, 2025
WordPress CRM, Email &amp; Marketing Automation for WordPress | Award Winner — Groundhogg (CVE-2025-4206) , May 10, 2025
Top 10 &#8211; WordPress Popular posts by WebberZone (CVE-2025-47509) , May 09, 2025