cleantalk
Vulnerabilities and Security Researches

Dropdown Content, CVE-2025-46478

CVE, Research URL

CVE-2025-46478

Home page URL

Security reports for Dropdown Content

Application

Dropdown Content

Published on
Apr 24, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in metaloha Dropdown Content allows Stored XSS. This issue affects Dropdown Content: from n/a through 1.0.2.
Affected versions
Min -, max 1.0.2.
Status
vulnerable
Previous vulnerability researches
Additional Custom Product Tabs for WooCommerce (CVE-2025-26749) , Apr 15, 2025
Custom Product Tabs For WooCommerce (CVE-2024-12721) , Dec 22, 2024
New vulnerability
Lead Form Data Collection to CRM (CVE-2025-47690) , May 14, 2025
WordPress Portfolio Builder – Portfolio Gallery (CVE-2025-1757) , May 14, 2025
LiteSpeed Cache (CVE-2025-47437) , May 14, 2025
Frontend Dashboard (CVE-2025-4474) , May 14, 2025
Frontend Dashboard (CVE-2025-4473) , May 14, 2025