cleantalk
Vulnerabilities and Security Researches

Team Showcase, CVE-2025-62745

CVE, Research URL

CVE-2025-62745

Home page URL

Security reports for Team Showcase

Application

Team Showcase

Published on
May 26, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Team Showcase allows Stored XSS. This issue affects Team Showcase: from n/a through 1.22.28.
Affected versions
max 1.22.28.
Status
vulnerable
Previous vulnerability researches
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2024-7129) , Sep 15, 2024
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2024-7877) , Oct 17, 2024
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2024-7876) , Oct 17, 2024
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2026-3658) , Apr 13, 2026
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2026-3045) , Apr 13, 2026
New vulnerability
Organization chart (CVE-2026-24597) , May 27, 2026
WPCode – Insert Headers and Footers + Custom Code Snippets – WordPress Code Manager (CVE-2026-8832) , May 27, 2026
QR Redirector (CVE-2026-24545) , May 27, 2026
Export WP Page to Static HTML/CSS (CVE-2026-24574) , May 27, 2026
Team Showcase (CVE-2025-62745) , May 27, 2026