cleantalk
Vulnerabilities and Security Researches

WP Super Edit, CVE-2025-49948

CVE, Research URL

CVE-2025-49948

Home page URL

Security reports for WP Super Edit

Application

WP Super Edit

Published on
Oct 22, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ahmad Awais WP Super Edit wp-super-edit allows Reflected XSS.This issue affects WP Super Edit: from n/a through <= 2.5.4.
Affected versions
max 2.5.4.
Status
vulnerable
Previous vulnerability researches
Monsters Editor for WP Super Edit (5837c8098d5a525f036e44b2f5c4e2aeda29a767) , Jun 07, 2024
New vulnerability
WP Super Edit (CVE-2025-49948) , Nov 12, 2025
Import WP – Export and Import CSV and XML files to WordPress (CVE-2025-12137) , Nov 12, 2025
XX2WP Integration Tools (CVE-2025-11857) , Nov 12, 2025
Greenshift &#8211; animation and page builder blocks (CVE-2025-11841) , Nov 11, 2025
Range Slider AddOn for Gravity Forms (CVE-2025-49905) , Nov 11, 2025