cleantalk
Vulnerabilities and Security Researches

TinyMCE and TinyMCE Advanced Professsional Formats and Styles, CVE-2024-25904

CVE, Research URL

CVE-2024-25904

Home page URL

Security reports for TinyMCE and TinyMCE Advanced Professsional Formats and Styles

Application

TinyMCE and TinyMCE Advanced Professsional Formats and Styles

Published on
Feb 21, 2024
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in David Stockl TinyMCE and TinyMCE Advanced Professsional Formats and Styles.This issue affects TinyMCE and TinyMCE Advanced Professsional Formats and Styles: from n/a through 1.1.2.
Affected versions
max 1.1.2.
Status
vulnerable
Previous vulnerability researches
TinyMCE Advanced qTranslate fix editor problems (CVE-2025-26582) , Feb 16, 2025
TinyMCE and TinyMCE Advanced Professsional Formats and Styles (CVE-2024-25904) , Jun 07, 2024
Advanced Editor Tools (dc209836a0062d59d76258fcefe4c47c019379e2) , Jun 07, 2024
Advanced Editor Tools , May 01, 2026
New vulnerability
SP Project & Document Manager (CVE-2026-10737) , Jun 05, 2026
EmergencyWP – Dead Man's switch & legacy deliverance (CVE-2026-9732) , Jun 04, 2026
Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin (CVE-2026-45441) , Jun 04, 2026
Job Manager and Recruitment Board for Employers and Candidates – Crew HRM (CVE-2026-27351) , Jun 04, 2026
CloudSecure WP Security (CVE-2026-42411) , Jun 04, 2026