cleantalk
Vulnerabilities and Security Researches

IP2Location Variables, CVE-2025-39455

CVE, Research URL

CVE-2025-39455

Home page URL

Security reports for IP2Location Variables

Application

IP2Location Variables

Published on
Apr 17, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in ip2location IP2Location Variables allows Reflected XSS. This issue affects IP2Location Variables: from n/a through 2.9.5.
Affected versions
Min -, max 2.9.6.
Status
vulnerable
Previous vulnerability researches
Download Manager and Payment Form WordPress Plugin – WP SmartPay (CVE-2025-32689) , Apr 14, 2025
New vulnerability
WP Logger (CVE-2025-39456) , Apr 20, 2025
visualslider Sldier (CVE-2025-23448) , Apr 20, 2025
RSS Manager (CVE-2025-39418) , Apr 20, 2025
Contact Form vCard Generator (CVE-2025-39521) , Apr 20, 2025
AdminQuickbar (CVE-2025-39464) , Apr 20, 2025