cleantalk
Vulnerabilities and Security Researches

WP-Click-Tracker, CVE-2025-49954

CVE, Research URL

CVE-2025-49954

Home page URL

Security reports for WP-Click-Tracker

Application

WP-Click-Tracker

Published on
Oct 22, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mithra62 WP-Click-Tracker wp-click-track allows Reflected XSS.This issue affects WP-Click-Tracker: from n/a through <= 0.7.3.
Affected versions
max 0.7.3.
Status
vulnerable
Previous vulnerability researches
Popup Maker &#8211; Responsive popup, Exit Intent Pop up, Email Optins, Autoresponder &amp; More (CVE-2024-34770) , Jun 07, 2024
Popup Maker &#8211; Popup for opt-ins, lead gen, &amp; more (CVE-2024-5561) , Sep 11, 2024
Popup Maker &#8211; Popup for opt-ins, lead gen, &amp; more (CVE-2025-4205) , Jun 06, 2025
Popup Maker &#8211; Popup for opt-ins, lead gen, &amp; more (CVE-2025-24746) , Jan 25, 2025
Popup Maker &#8211; Popup for opt-ins, lead gen, &amp; more (CVE-2022-3690) , Jun 07, 2024
New vulnerability
WP Links Page (CVE-2025-10175) , Nov 10, 2025
WooCommerce Affiliate Plugin &#8211; Coupon Affiliates (CVE-2025-62884) , Nov 10, 2025
Fix Multiple Redirects (CVE-2025-48092) , Nov 10, 2025
Photospace Responsive Gallery (CVE-2025-62899) , Nov 10, 2025
Grid Plus &#8211; Unlimited grid layout (CVE-2025-53352) , Nov 10, 2025