cleantalk
Vulnerabilities and Security Researches

WP Proposals, CVE-2025-31837

CVE, Research URL

CVE-2025-31837

Home page URL

Security reports for WP Proposals

Application

WP Proposals

Published on
Apr 01, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Codeus WP Proposals allows Stored XSS. This issue affects WP Proposals: from n/a through 2.3.
Affected versions
max 2.3.
Status
vulnerable
Previous vulnerability researches
WP Proposals (CVE-2025-57965) , Apr 25, 2026
WP Proposals (CVE-2025-31837) , Apr 03, 2025
New vulnerability
Ultimate Classified Listings (CVE-2025-9874) , Apr 25, 2026
Ultimate Classified Listings (CVE-2025-0763) , Apr 25, 2026
Skyword API Plugin (CVE-2025-58703) , Apr 25, 2026
Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Wo (CVE-2025-58017) , Apr 25, 2026
CubeWP – All-in-One Dynamic Content Framework (CVE-2025-59569) , Apr 25, 2026