cleantalk
Vulnerabilities and Security Researches

WP Image Mask, CVE-2025-48235

CVE, Research URL

CVE-2025-48235

Home page URL

Security reports for WP Image Mask

Application

WP Image Mask

Published on
May 19, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bogdan Bendziukov WP Image Mask allows DOM-Based XSS. This issue affects WP Image Mask: from n/a through 3.1.2.
Affected versions
Min -, max 3.1.3.
Status
vulnerable
Previous vulnerability researches
Simple Booking – Widget (CVE-2024-54433) , Dec 18, 2024
New vulnerability
Bot for Telegram on WooCommerce (CVE-2025-48268) , May 24, 2025
WP Image Mask (CVE-2025-48235) , May 23, 2025
TablePress – Tables in WordPress made easy (CVE-2025-5096) , May 23, 2025
Raisely Donation Form (CVE-2025-3781) , May 23, 2025
Simplelightbox (CVE-2024-5878) , May 23, 2025