cleantalk
Vulnerabilities and Security Researches

Hostel, CVE-2025-66119

CVE, Research URL

CVE-2025-66119

Home page URL

Security reports for Hostel

Application

Hostel

Published on
Dec 18, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Hostel hostel allows Reflected XSS.This issue affects Hostel: from n/a through <= 1.1.5.9.
Affected versions
max 1.1.5.9.
Status
vulnerable
Previous vulnerability researches
Hostel (CVE-2025-39566) , Apr 18, 2025
Hostel (CVE-2025-31102) , Apr 02, 2025
Hostel (CVE-2025-30848) , Apr 02, 2025
Hostel (CVE-2023-32120) , Jun 10, 2024
Hostel (CVE-2024-3753) , Jul 15, 2024
New vulnerability
Contextual Related Posts (CVE-2026-2986) , Apr 20, 2026
CubeWP &#8211; All-in-One Dynamic Content Framework (CVE-2025-8615) , Apr 20, 2026
Hostel (CVE-2026-1838) , Apr 20, 2026
Content Blocks (Custom Post Widget) (CVE-2026-0894) , Apr 20, 2026
Youzify – BuddyPress Community, User Profile, Social Network &amp; Membership Plugin for WordPress (CVE-2026-1559) , Apr 20, 2026