cleantalk
Vulnerabilities and Security Researches

SensorPress, CVE-2025-49409

CVE, Research URL

CVE-2025-49409

Home page URL

Security reports for SensorPress

Application

SensorPress

Published on
Aug 20, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brewlabs SensorPress allows Stored XSS. This issue affects SensorPress: from n/a through 1.0.
Affected versions
Min -, max 1.0.
Status
vulnerable
Previous vulnerability researches
WP Crontrol (CVE-2024-28850) , Jun 07, 2024
WP Crontrol (ee606200d06d026e615be1bbc222571330834d0d) , Jun 07, 2024
WP Crontrol (CVE-2025-8678) , Aug 22, 2025
New vulnerability
WPPizza – A Restaurant Plugin (CVE-2025-57894) , Aug 23, 2025
ShortcodeHub – MultiPurpose Shortcode Builder (CVE-2025-7957) , Aug 23, 2025
Simple Login Log (CVE-2025-49438) , Aug 23, 2025
SensorPress (CVE-2025-49409) , Aug 23, 2025
Notice Bar (CVE-2025-49389) , Aug 23, 2025