cleantalk
Vulnerabilities and Security Researches

Timeline Block, CVE-2025-26754

CVE, Research URL

CVE-2025-26754

Home page URL

Security reports for Timeline Block

Application

Timeline Block

Published on
Feb 17, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Timeline Block allows Stored XSS. This issue affects Timeline Block: from n/a through 1.1.1.
Affected versions
max 1.1.3.
Status
vulnerable
Previous vulnerability researches
Timeline Block (CVE-2026-1228) , Apr 15, 2026
Timeline Block (CVE-2025-26754) , Feb 18, 2025
New vulnerability
xmlrpc attacks blocker (CVE-2026-2502) , Apr 16, 2026
Templately – Gutenberg & Elementor Template Library: 5000+ Free & Pro Ready Templates & Cloud! (CVE-2026-0831) , Apr 16, 2026
iRobots.txt SEO (CVE-2025-68840) , Apr 16, 2026
Tune Library (CVE-2026-1401) , Apr 16, 2026
Taskbuilder – WordPress Project & Task Management plugin (CVE-2026-2289) , Apr 16, 2026