cleantalk
Vulnerabilities and Security Researches

Flags Widget, CVE-2025-32479

CVE, Research URL

CVE-2025-32479

Home page URL

Security reports for Flags Widget

Application

Flags Widget

Published on
Apr 09, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in ab-tools Flags Widget allows Stored XSS. This issue affects Flags Widget: from n/a through 1.0.7.
Affected versions
Min -, max 1.0.7.
Status
vulnerable
Previous vulnerability researches
Quiz Maker (CVE-2021-24456) , Jun 06, 2024
Quiz Maker (CVE-2024-10633) , Jan 29, 2025
Quiz Maker (CVE-2023-23985) , Jun 06, 2024
Quiz Maker (CVE-2023-6155) , Jun 06, 2024
Quiz Maker (CVE-2023-6166) , Jun 06, 2024
New vulnerability
Total processing card payments for WooCommerce (CVE-2025-32513) , Apr 18, 2025
WordPress Contact Form, Drag and Drop Form Builder Plugin – Live Forms (CVE-2025-39560) , Apr 18, 2025
CRUDLab Scroll to Top (CVE-2025-22774) , Apr 18, 2025
Editor Wysiwyg Background Color (CVE-2025-23958) , Apr 18, 2025
Subscribe to Unlock Lite – Opt In Content Locker Plugin for WordPress (CVE-2025-39592) , Apr 18, 2025