cleantalk
Vulnerabilities and Security Researches

Link Whisper Free, CVE-2026-22357

CVE, Research URL

CVE-2026-22357

Home page URL

Security reports for Link Whisper Free

Application

Link Whisper Free

Published on
Feb 20, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spencer Haws Link Whisper Free link-whisper allows Reflected XSS.This issue affects Link Whisper Free: from n/a through <= 0.9.0.
Affected versions
max 0.9.0.
Status
vulnerable
Previous vulnerability researches
Link Whisper Free (CVE-2025-22306) , Jan 09, 2025
Link Whisper Free (CVE-2024-2693) , Jun 07, 2024
Link Whisper Free (f76d18128d996b9b9f3b16d6738c1c5bed2c87c7) , Jun 07, 2024
Link Whisper Free (CVE-2023-47852) , Jun 07, 2024
Link Whisper Free (CVE-2024-27992) , Jun 07, 2024
New vulnerability
Contact Form 7 reCAPTCHA (CVE-2025-8280) , Apr 27, 2026
Backup Migration (CVE-2026-39480) , Apr 27, 2026
WP-BusinessDirectory &#8211; Business directory plugin for WordPress (CVE-2026-39591) , Apr 27, 2026
WP Hotel Booking (CVE-2025-8942) , Apr 27, 2026
Timetics- AI-powered Appointment Booking with Visual Seat Plan and ultimate Calendar Scheduling (CVE-2026-39432) , Apr 27, 2026