cleantalk
Vulnerabilities and Security Researches

Custom Team Manager, CVE-2025-58840

CVE, Research URL

CVE-2025-58840

Home page URL

Security reports for Custom Team Manager

Application

Custom Team Manager

Published on
Sep 05, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ibnul H. Custom Team Manager allows Stored XSS. This issue affects Custom Team Manager: from n/a through 2.4.2.
Affected versions
Min -, max 2.4.2.
Status
vulnerable
Previous vulnerability researches
TablePress – Tables in WordPress made easy (CVE-2024-9595) , Oct 12, 2024
TablePress – Tables in WordPress made easy (CVE-2024-4354) , Jun 08, 2024
TablePress – Tables in WordPress made easy (CVE-2025-9500) , Sep 02, 2025
TablePress – Tables in WordPress made easy (CVE-2017-10889) , Jun 06, 2024
TablePress – Tables in WordPress made easy (CVE-2019-20180) , Jun 06, 2024
New vulnerability
WP-GraphViz (CVE-2025-58870) , Sep 09, 2025
Custom WooCommerce Checkout Fields Editor (CVE-2025-58799) , Sep 08, 2025
Carousel Ultimate (CVE-2025-58820) , Sep 08, 2025
WP Publication Archive (CVE-2025-58826) , Sep 08, 2025
AP HoneyPot WordPress Plugin (CVE-2025-58855) , Sep 08, 2025