cleantalk
Vulnerabilities and Security Researches

Wp Custom CMS Block, CVE-2025-46457

CVE, Research URL

CVE-2025-46457

Home page URL

Security reports for Wp Custom CMS Block

Application

Wp Custom CMS Block

Published on
Apr 24, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in digontoahsan Wp Custom CMS Block allows Stored XSS. This issue affects Wp Custom CMS Block: from n/a through 2.1.
Affected versions
Min -, max 2.1.
Status
vulnerable
Previous vulnerability researches
MainWP Child Reports (CVE-2024-33680) , Jun 06, 2024
MainWP Child Reports (CVE-2021-24754) , Jun 06, 2024
MainWP Child Reports (CVE-2024-7492) , Aug 09, 2024
New vulnerability
User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin (CVE-2025-39400) , Apr 26, 2025
License For Envato (CVE-2025-39399) , Apr 25, 2025
occupancyplan (CVE-2025-46450) , Apr 25, 2025
Wp Custom CMS Block (CVE-2025-46457) , Apr 25, 2025
Google News (CVE-2025-46452) , Apr 25, 2025