cleantalk
Vulnerabilities and Security Researches

iframe Wrapper, CVE-2025-49422

CVE, Research URL

CVE-2025-49422

Home page URL

Security reports for iframe Wrapper

Application

iframe Wrapper

Published on
Aug 20, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aelora iframe Wrapper allows DOM-Based XSS. This issue affects iframe Wrapper: from n/a through 0.1.1.
Affected versions
Min -, max 0.1.1.
Status
vulnerable
Previous vulnerability researches
Infility Global (CVE-2024-12723) , Jan 29, 2025
Infility Global (CVE-2024-11496) , Jan 08, 2025
Infility Global (CVE-2025-47651) , Jun 14, 2025
Infility Global (CVE-2024-12290) , Jan 08, 2025
Infility Global (CVE-2025-47650) , Aug 21, 2025
New vulnerability
Testimonial (CVE-2025-49410) , Aug 23, 2025
SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) (CVE-2025-8607) , Aug 23, 2025
Terms of Service & Privacy Policy Generator (CVE-2025-49413) , Aug 23, 2025
Comments Capcha Box (CVE-2025-53226) , Aug 23, 2025
ads.txt Guru Connect (CVE-2025-49381) , Aug 23, 2025