cleantalk
Vulnerabilities and Security Researches

Uncanny Toolkit for LearnDash, CVE-2025-48080

CVE, Research URL

CVE-2025-48080

Home page URL

Security reports for Uncanny Toolkit for LearnDash

Application

Uncanny Toolkit for LearnDash

Published on
May 16, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash allows Stored XSS. This issue affects Uncanny Toolkit for LearnDash: from n/a through 3.7.0.2.
Affected versions
Min -, max 3.7.0.3.
Status
vulnerable
Previous vulnerability researches
Weluka Lite (CVE-2025-4591) , May 16, 2025
New vulnerability
Dot html,php,xml etc pages (CVE-2025-48112) , May 18, 2025
Sharespine Woocommerce Connector (CVE-2025-48128) , May 18, 2025
Wishlist (CVE-2025-31063) , May 18, 2025
Wishlist (CVE-2025-31062) , May 18, 2025
WP-Members Membership Plugin (CVE-2025-4610) , May 18, 2025