cleantalk
Vulnerabilities and Security Researches

CodePen Embed Block, CVE-2025-50023

CVE, Research URL

CVE-2025-50023

Home page URL

Security reports for CodePen Embed Block

Application

CodePen Embed Block

Published on
Jun 20, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Coyier CodePen Embed Block allows Stored XSS. This issue affects CodePen Embed Block: from n/a through 1.1.1.
Affected versions
Min -, max 1.1.1.
Status
vulnerable
Previous vulnerability researches
ShiftNav – Responsive Mobile Menu (CVE-2025-49243) , Jun 15, 2025
ShiftNav – Responsive Mobile Menu (CVE-2022-4627) , Jun 07, 2024
New vulnerability
App Builder – Create Native Android & iOS Apps On The Flight (CVE-2025-49989) , Jul 01, 2025
Sitekit (CVE-2025-50047) , Jul 01, 2025
Responsive Food and Drink Menu (CVE-2025-6378) , Jul 01, 2025
Flexo Counter (CVE-2025-50052) , Jul 01, 2025
Classified Listing – Classified ads & Business Directory Plugin (CVE-2025-52715) , Jul 01, 2025