cleantalk
Vulnerabilities and Security Researches

Verge3D Publishing and E-Commerce, CVE-2025-48241

CVE, Research URL

CVE-2025-48241

Home page URL

Security reports for Verge3D Publishing and E-Commerce

Application

Verge3D Publishing and E-Commerce

Published on
May 23, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Soft8Soft LLC Verge3D verge3d allows Reflected XSS.This issue affects Verge3D: from n/a through <= 4.9.3.
Affected versions
max 4.9.4.
Status
vulnerable
Previous vulnerability researches
Verge3D Publishing and E-Commerce (CVE-2025-22709) , Jan 19, 2025
Verge3D Publishing and E-Commerce (CVE-2025-30833) , Apr 02, 2025
Verge3D Publishing and E-Commerce (CVE-2025-48241) , May 24, 2025
Verge3D Publishing and E-Commerce (CVE-2023-51421) , Jun 06, 2024
Verge3D Publishing and E-Commerce (CVE-2023-51420) , Jun 06, 2024
New vulnerability
GeoDirectory &#8211; WordPress Business Directory Plugin, or Classified Directory (CVE-2026-54831) , Jun 25, 2026
SALESmanago (CVE-2026-54822) , Jun 25, 2026
Newsletters (CVE-2026-54840) , Jun 25, 2026
wpDataTables &#8211; WordPress Data Table, Dynamic Tables &amp; Table Charts Plugin (CVE-2026-54825) , Jun 24, 2026
Interactive Content – H5P (CVE-2026-56006) , Jun 24, 2026