cleantalk
Vulnerabilities and Security Researches

Themify Icons, CVE-2025-49395

CVE, Research URL

CVE-2025-49395

Home page URL

Security reports for Themify Icons

Application

Themify Icons

Published on
Aug 20, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Icons allows Stored XSS. This issue affects Themify Icons: from n/a through 2.0.3.
Affected versions
Min -, max 2.0.4.
Status
vulnerable
Previous vulnerability researches
Jenga Payment Gateway for WooCommerce (CVE-2025-49432) , Aug 20, 2025
New vulnerability
Themify Builder (CVE-2025-49396) , Aug 23, 2025
NEX-Forms – Ultimate Form Builder – Contact forms and much more (CVE-2025-49399) , Aug 22, 2025
iFrame Block (CVE-2025-49411) , Aug 22, 2025
The Plus Blocks for Block Editor | Gutenberg (CVE-2025-8567) , Aug 22, 2025
WP Visitor Statistics (Real Time Traffic) (CVE-2025-49400) , Aug 22, 2025