cleantalk
Vulnerabilities and Security Researches

Advanced iFrame, CVE-2026-25453

CVE, Research URL

CVE-2026-25453

Home page URL

Security reports for Advanced iFrame

Application

Advanced iFrame

Published on
Feb 19, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mdempfle Advanced iFrame advanced-iframe allows DOM-Based XSS.This issue affects Advanced iFrame: from n/a through <= 2025.10.
Affected versions
max 2025.10.
Status
vulnerable
Previous vulnerability researches
Photo Gallery ( Responsive ) (CVE-2025-27276) , Feb 26, 2025
New vulnerability
ViaBill &#8211; WooCommerce (CVE-2026-25469) , Mar 30, 2026
WP Courses LMS – Online Courses Builder, eLearning Courses, Courses Solution, Education Courses (CVE-2026-31914) , Mar 30, 2026
YML for Yandex Market (CVE-2026-32567) , Mar 30, 2026
OVRI Payment (CVE-2024-10938) , Mar 30, 2026
Textmetrics (CVE-2026-32331) , Mar 30, 2026