cleantalk
Vulnerabilities and Security Researches

Action Network, CVE-2024-25921

CVE, Research URL

CVE-2024-25921

Home page URL

Security reports for Action Network

Application

Action Network

Published on
Mar 15, 2024
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Concerted Action Action Network allows Reflected XSS.This issue affects Action Network: from n/a through 1.4.2.
Affected versions
Min -, max 1.4.3.
Status
vulnerable
Previous vulnerability researches
Action Network (CVE-2024-2954) , Jun 07, 2024
Action Network (CVE-2024-25921) , Jun 07, 2024
Action Network (CVE-2024-12394) , Jan 10, 2025
New vulnerability
百度站长SEO合集(支持百度/神马/Bing/头条推送) (CVE-2025-3917) , May 16, 2025
Forminator – Contact Form, Payment Form & Custom Form Builder (CVE-2024-7052) , May 16, 2025
Weluka Lite (CVE-2025-4591) , May 16, 2025
Bon Toolkit (CVE-2025-4589) , May 16, 2025
Subaccounts for WooCommerce (CVE-2025-47461) , May 16, 2025