cleantalk
Vulnerabilities and Security Researches

Photo Contest | Competition | Video Contest, CVE-2025-23782

CVE, Research URL

CVE-2025-23782

Home page URL

Security reports for Photo Contest | Competition | Video Contest

Application

Photo Contest | Competition | Video Contest

Published on
Apr 17, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TotalSuite TotalContest Lite allows Reflected XSS. This issue affects TotalContest Lite: from n/a through 2.8.1.
Affected versions
Min -, max 2.9.0.
Status
vulnerable
Previous vulnerability researches
HTML5 Video Player with Playlist (CVE-2025-32536) , Apr 13, 2025
HTML5 Video Player with Playlist (CVE-2014-4534) , Jun 07, 2024
New vulnerability
WP Logger (CVE-2025-39456) , Apr 20, 2025
visualslider Sldier (CVE-2025-23448) , Apr 20, 2025
RSS Manager (CVE-2025-39418) , Apr 20, 2025
Contact Form vCard Generator (CVE-2025-39521) , Apr 20, 2025
AdminQuickbar (CVE-2025-39464) , Apr 20, 2025