cleantalk
Vulnerabilities and Security Researches

Snow Storm, CVE-2025-30858

CVE, Research URL

CVE-2025-30858

Home page URL

Security reports for Snow Storm

Application

Snow Storm

Published on
Apr 03, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tribulant Software Snow Storm allows Reflected XSS. This issue affects Snow Storm: from n/a through 1.4.6.
Affected versions
Min -, max 1.4.7.
Status
vulnerable
Previous vulnerability researches
WP Subscription Forms – The Ultimate WordPress Subscription Form Plugin (CVE-2025-30784) , Mar 29, 2025
New vulnerability
Slider a SlidersPack – Image Slider, Post Slider, ACF Gallery Slider (CVE-2025-32152) , Apr 06, 2025
VG WooCarousel (CVE-2025-32153) , Apr 06, 2025
Woocommerce Products Reorder Drag Drop Multiple Sort – Sortable, Rearrange Products Vagonic (CVE-2025-32236) , Apr 06, 2025
RDP Wiki Embed (CVE-2025-32262) , Apr 06, 2025
AdMail – Back in-stock notifier for WooCommerce (CVE-2025-32234) , Apr 06, 2025