cleantalk
Vulnerabilities and Security Researches

SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity, CVE-2025-32167

CVE, Research URL

CVE-2025-32167

Home page URL

Security reports for SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity

Application

SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity

Published on
Apr 04, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in devsoftbaltic SurveyJS allows Stored XSS. This issue affects SurveyJS: from n/a through 1.12.20.
Affected versions
Min -, max 1.12.20.
Status
vulnerable
Previous vulnerability researches
Swiss Toolkit For WP (CVE-2025-31546) , Apr 03, 2025
Swiss Toolkit For WP (CVE-2025-31544) , Apr 03, 2025
Swiss Toolkit For WP (CVE-2024-5204) , Jun 07, 2024
New vulnerability
Radius Blocks – WordPress Gutenberg Blocks (CVE-2025-32159) , Apr 06, 2025
Wishlist (CVE-2025-32272) , Apr 06, 2025
Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Wo (CVE-2025-32184) , Apr 06, 2025
Social Intents – Live Chat and ChatGPT Chatbots (CVE-2025-32131) , Apr 06, 2025
s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscription (CVE-2025-32137) , Apr 06, 2025