cleantalk
Vulnerabilities and Security Researches

Spoki – Chat Buttons and WooCommerce Notifications, CVE-2025-50026

CVE, Research URL

CVE-2025-50026

Home page URL

Security reports for Spoki – Chat Buttons and WooCommerce Notifications

Application

Spoki – Chat Buttons and WooCommerce Notifications

Published on
Jun 20, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in spoki Spoki allows Stored XSS. This issue affects Spoki: from n/a through 2.16.0.
Affected versions
Min -, max 2.16.0.
Status
vulnerable
Previous vulnerability researches
WP User Stylesheet Switcher (CVE-2025-52792) , Jun 30, 2025
New vulnerability
Forminator – Contact Form, Payment Form & Custom Form Builder (CVE-2025-6463) , Jul 03, 2025
Forminator – Contact Form, Payment Form & Custom Form Builder (CVE-2025-6464) , Jul 03, 2025
Jobs for WordPress (CVE-2025-50050) , Jul 03, 2025
Beauty Contact Popup Form (CVE-2025-53325) , Jul 03, 2025
MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet (CVE-2025-5937) , Jul 03, 2025