cleantalk
Vulnerabilities and Security Researches

WP Smart Flexslider, CVE-2025-49955

CVE, Research URL

CVE-2025-49955

Home page URL

Security reports for WP Smart Flexslider

Application

WP Smart Flexslider

Published on
Oct 22, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rajan Vijayan WP Smart Flexslider wp-smart-flexslider allows Reflected XSS.This issue affects WP Smart Flexslider: from n/a through <= 2.5.
Affected versions
max 2.5.
Status
vulnerable
Previous vulnerability researches
Open Close WooCommerce Store &#8211; Best Business Schedules Manager (CVE-2025-47649) , May 09, 2025
Open Close WooCommerce Store &#8211; Best Business Schedules Manager (CVE-2024-32522) , Jun 07, 2024
Open Close WooCommerce Store &#8211; Best Business Schedules Manager (9b74fb5c984ecf233d3b7c119e86f14f5bcb2e5a) , Jun 07, 2024
Open Close WooCommerce Store &#8211; Best Business Schedules Manager (CVE-2025-62935) , Nov 10, 2025
New vulnerability
TopBar (CVE-2025-10300) , Nov 11, 2025
Store Toolkit for WooCommerce – Boost WooCommerce with useful tools, nuking/deleting, reports, order filters &amp; more! (CVE-2025-60204) , Nov 11, 2025
Quick Featured Images (CVE-2025-11176) , Nov 11, 2025
Call Now Button &#8211; The #1 Click to Call Button for WordPress (CVE-2025-11587) , Nov 11, 2025
Call Now Button &#8211; The #1 Click to Call Button for WordPress (CVE-2025-11632) , Nov 11, 2025