cleantalk
Vulnerabilities and Security Researches

WP Flipclock, CVE-2025-39540

CVE, Research URL

CVE-2025-39540

Home page URL

Security reports for WP Flipclock

Application

WP Flipclock

Published on
Apr 16, 2025
Research Description
WP Flipclock [wp-flipclock] <= 1.9 (unfixed) CVE-2025-39540 [en] Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rhys Wynne WP Flipclock allows DOM-Based XSS. This issue affects WP Flipclock: from n/a through 1.9.
Affected versions
Min -, max 1.9.
Status
vulnerable
Previous vulnerability researches
Teleport (CVE-2025-28855) , Mar 29, 2025
New vulnerability
WP Logger (CVE-2025-39456) , Apr 20, 2025
visualslider Sldier (CVE-2025-23448) , Apr 20, 2025
RSS Manager (CVE-2025-39418) , Apr 20, 2025
Contact Form vCard Generator (CVE-2025-39521) , Apr 20, 2025
AdminQuickbar (CVE-2025-39464) , Apr 20, 2025