cleantalk
Vulnerabilities and Security Researches

Product Catalog Simple, CVE-2025-58992

CVE, Research URL

CVE-2025-58992

Home page URL

Security reports for Product Catalog Simple

Application

Product Catalog Simple

Published on
Sep 23, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in impleCode Product Catalog Simple post-type-x allows Stored XSS.This issue affects Product Catalog Simple: from n/a through <= 1.8.2.
Affected versions
max 1.8.3.
Status
vulnerable
Previous vulnerability researches
Simple User Meta Editor (CVE-2025-14888) , Jan 11, 2026
New vulnerability
Verowa Connect (CVE-2025-58257) , Apr 25, 2026
Image Editor by Pixo (CVE-2025-58232) , Apr 25, 2026
WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce (CVE-2025-2799) , Apr 25, 2026
Kubio AI Page Builder (CVE-2025-8487) , Apr 25, 2026
PlayerJS (CVE-2025-58651) , Apr 25, 2026