cleantalk
Vulnerabilities and Security Researches

SAPO Feed, CVE-2025-53462

CVE, Research URL

CVE-2025-53462

Home page URL

Security reports for SAPO Feed

Application

SAPO Feed

Published on
Sep 23, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SAPO SAPO Feed allows Stored XSS. This issue affects SAPO Feed: from n/a through 2.4.2.
Affected versions
Min -, max 2.4.2.
Status
vulnerable
Previous vulnerability researches
WishSuite – Wishlist for WooCommerce (CVE-2024-29927) , Jun 06, 2024
WishSuite – Wishlist for WooCommerce (CVE-2023-23731) , Jun 06, 2024
WishSuite – Wishlist for WooCommerce (CVE-2023-32962) , Jun 06, 2024
WishSuite – Wishlist for WooCommerce (CVE-2025-30820) , Apr 03, 2025
New vulnerability
FAQ / Accordion / Docs – Helpie WordPress FAQ Accordion plugin (CVE-2025-58659) , Sep 27, 2025
Events Manager – OpenStreetMaps (CVE-2025-58265) , Sep 27, 2025
SAPO Feed (CVE-2025-53462) , Sep 27, 2025
Estonian Shipping Methods for WooCommerce (CVE-2025-58656) , Sep 27, 2025
Casengo Live Chat Support (CVE-2025-58688) , Sep 27, 2025