cleantalk
Vulnerabilities and Security Researches

Sitekit, CVE-2025-30776

CVE, Research URL

CVE-2025-30776

Home page URL

Security reports for Sitekit

Application

Sitekit

Published on
Mar 27, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webvitaly Sitekit allows Stored XSS. This issue affects Sitekit: from n/a through 1.8.
Affected versions
Min -, max 1.9.
Status
vulnerable
Previous vulnerability researches
Thumbnail carousel slider (2d6e889a1030d4f63f5210d1ffb851b3f4bc56b8) , Jun 07, 2024
Thumbnail carousel slider (CVE-2023-2119) , Jun 07, 2024
Thumbnail carousel slider (CVE-2023-1915) , Jun 07, 2024
Thumbnail carousel slider (CVE-2023-2120) , Jun 07, 2024
Thumbnail carousel slider (CVE-2023-5821) , Jun 07, 2024
New vulnerability
WP Subscription Forms – The Ultimate WordPress Subscription Form Plugin (CVE-2025-30784) , Mar 29, 2025
Teleport (CVE-2025-28855) , Mar 29, 2025
Support Genix – Support Tickets Managing System & Helpdesk Plugin for WordPress and WooCommerce (CVE-2025-30777) , Mar 29, 2025
Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress (CVE-2025-30770) , Mar 28, 2025
WP Google Review Slider (CVE-2025-30783) , Mar 28, 2025