cleantalk
Vulnerabilities and Security Researches

Wp Custom CMS Block, CVE-2025-46457

CVE, Research URL

CVE-2025-46457

Home page URL

Security reports for Wp Custom CMS Block

Application

Wp Custom CMS Block

Published on
Apr 24, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in digontoahsan Wp Custom CMS Block allows Stored XSS. This issue affects Wp Custom CMS Block: from n/a through 2.1.
Affected versions
Min -, max 2.1.
Status
vulnerable
Previous vulnerability researches
Verification SMS with TargetSMS (CVE-2025-3776) , Apr 25, 2025
New vulnerability
License For Envato (CVE-2025-39399) , Apr 25, 2025
occupancyplan (CVE-2025-46450) , Apr 25, 2025
Wp Custom CMS Block (CVE-2025-46457) , Apr 25, 2025
Google News (CVE-2025-46452) , Apr 25, 2025
LSD Custom taxonomy and category meta (CVE-2025-46502) , Apr 25, 2025