cleantalk
Vulnerabilities and Security Researches

Include Me, CVE-2025-58983

CVE, Research URL

CVE-2025-58983

Home page URL

Security reports for Include Me

Application

Include Me

Published on
Sep 09, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stefano Lissa Include Me allows Stored XSS. This issue affects Include Me: from n/a through 1.3.2.
Affected versions
Min -, max 1.3.3.
Status
vulnerable
Previous vulnerability researches
Social Sharing Plugin – Kiwi (e31cb8d2fef02dc018ce1f8277f44aa4e54ea489) , Jun 07, 2024
Social Sharing Plugin – Kiwi (CVE-2021-4362) , Jun 07, 2024
Social Sharing Plugin – Kiwi (CVE-2025-58790) , Sep 07, 2025
Social Sharing Plugin – Kiwi (CVE-2024-3228) , Jul 10, 2024
New vulnerability
PDF Embedder , Sep 11, 2025
Pixeline's Email Protector (CVE-2025-58982) , Sep 11, 2025
Include Me (CVE-2025-58983) , Sep 11, 2025
PagSeguro / PagBank Connect (CVE-2025-10142) , Sep 11, 2025
Duplicate Page and Post (CVE-2025-6189) , Sep 11, 2025