cleantalk
Vulnerabilities and Security Researches

WP Super Edit, CVE-2025-49948

CVE, Research URL

CVE-2025-49948

Home page URL

Security reports for WP Super Edit

Application

WP Super Edit

Published on
Oct 22, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ahmad Awais WP Super Edit wp-super-edit allows Reflected XSS.This issue affects WP Super Edit: from n/a through <= 2.5.4.
Affected versions
max 2.5.4.
Status
vulnerable
Previous vulnerability researches
Chatbox Manager (CVE-2025-58211) , Sep 02, 2025
Chatbox Manager (CVE-2025-48167) , Jul 19, 2025
Chatbox Manager (CVE-2025-30790) , Mar 28, 2025
New vulnerability
SM CountDown Widget (CVE-2025-11880) , Nov 14, 2025
WP Super Edit (CVE-2025-49948) , Nov 12, 2025
Import WP – Export and Import CSV and XML files to WordPress (CVE-2025-12137) , Nov 12, 2025
XX2WP Integration Tools (CVE-2025-11857) , Nov 12, 2025
Greenshift &#8211; animation and page builder blocks (CVE-2025-11841) , Nov 11, 2025