cleantalk
Vulnerabilities and Security Researches

WP CTA – Call To Action Plugin, Sticky CTA, Floating Buttons, Floating Tab Plugin, CVE-2025-53270

CVE, Research URL

CVE-2025-53270

Home page URL

Security reports for WP CTA – Call To Action Plugin, Sticky CTA, Floating Buttons, Floating Tab Plugin

Application

WP CTA – Call To Action Plugin, Sticky CTA, Floating Buttons, Floating Tab Plugin

Published on
Jun 27, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Blend Media WordPress CTA allows Cross Site Request Forgery. This issue affects WordPress CTA: from n/a through 1.6.9.
Affected versions
Min -, max 1.6.9.
Status
vulnerable
Previous vulnerability researches
Responsive Owl Carousel for Elementor (CVE-2024-5345) , Jun 07, 2024
New vulnerability
File Manager Pro – Filester (CVE-2025-52710) , Jul 03, 2025
Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress (CVE-2025-5398) , Jul 03, 2025
EC Stars Rating (CVE-2025-53296) , Jul 03, 2025
Address Autocomplete via Google for Gravity Forms (CVE-2025-53263) , Jul 03, 2025
Spoki – Chat Buttons and WooCommerce Notifications (CVE-2025-50026) , Jul 03, 2025