cleantalk
Vulnerabilities and Security Researches

Blox Lite, CVE-2025-62940

CVE, Research URL

CVE-2025-62940

Home page URL

Security reports for Blox Lite

Application

Blox Lite

Published on
Oct 27, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nick Diego Blox Lite blox-lite allows Stored XSS.This issue affects Blox Lite: from n/a through <= 1.2.8.
Affected versions
max 1.2.8.
Status
vulnerable
Previous vulnerability researches
Playerzbr (CVE-2025-11825) , Nov 10, 2025
New vulnerability
Custom Post Type Attachment (CVE-2025-62907) , Nov 11, 2025
Finale Lite &#8211; Sales Countdown Timer &amp; Discount for WooCommerce (CVE-2025-52736) , Nov 11, 2025
APPExperts &#8211; Mobile App Builder for WordPress | WooCommerce to iOS and Android Apps (CVE-2025-53218) , Nov 11, 2025
Recipe Card Blocks for Gutenberg &amp; Elementor &#8211; Best WordPress Recipe Plugin (CVE-2025-62019) , Nov 11, 2025
Premmerce Product Search for WooCommerce (CVE-2025-64289) , Nov 11, 2025