cleantalk
Vulnerabilities and Security Researches

WP Editor, CVE-2024-24700

CVE, Research URL

CVE-2024-24700

Home page URL

Security reports for WP Editor

Application

WP Editor

Published on
Mar 27, 2024
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Benjamin Rojas WP Editor allows Reflected XSS.This issue affects WP Editor: from n/a through 1.2.8.
Affected versions
max 1.2.9.
Status
vulnerable
Previous vulnerability researches
SCSS WP Editor (CVE-2025-31808) , Apr 04, 2025
Bootstrap Blocks for WP Editor v2 (CVE-2024-12495) , Jan 09, 2025
WP Editor.md – The Perfect WordPress Markdown Editor (CVE-2017-9336) , Jun 07, 2024
WP Editor.md – The Perfect WordPress Markdown Editor (CVE-2018-18919) , Jun 07, 2024
WP Editor.md – The Perfect WordPress Markdown Editor (CVE-2025-31035) , Apr 11, 2025
New vulnerability
GitHub Gist Shortcode Plugin (CVE-2025-12667) , Dec 12, 2025
Cryptocurrency Payment Gateway for WooCommerce (CVE-2025-12392) , Dec 12, 2025
Wbcom Designs – Private Community for BuddyPress (CVE-2025-67582) , Dec 12, 2025
WP-Walla (CVE-2025-12589) , Dec 12, 2025
Master Addons for Elementor (CVE-2025-63055) , Dec 12, 2025