cleantalk
Vulnerabilities and Security Researches

Emma for WordPress, CVE-2025-32166

CVE, Research URL

CVE-2025-32166

Home page URL

Security reports for Emma for WordPress

Application

Emma for WordPress

Published on
Apr 04, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in John Housholder Emma for WordPress allows Stored XSS. This issue affects Emma for WordPress: from n/a through 1.3.3.
Affected versions
Min -, max 1.3.3.
Status
vulnerable
Previous vulnerability researches
WP Church Donation (CVE-2025-31410) , Apr 03, 2025
WP Church Donation (CVE-2024-13690) , Mar 26, 2025
New vulnerability
Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links (CVE-2025-1264) , Apr 07, 2025
Advanced All in One Admin Search by WP Spotlight (CVE-2025-32261) , Apr 06, 2025
Free Booking Plugin for Hotels, Restaurant and Car Rental – eaSYNC (CVE-2025-32219) , Apr 06, 2025
Salon booking system (CVE-2025-32220) , Apr 06, 2025
1 Click WordPress Migration Plugin – 100% FREE for a limited time (CVE-2025-32257) , Apr 06, 2025