cleantalk
Vulnerabilities and Security Researches

Post List Featured Image, CVE-2025-62937

CVE, Research URL

CVE-2025-62937

Home page URL

Security reports for Post List Featured Image

Application

Post List Featured Image

Published on
Oct 27, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Johnny Post List Featured Image post-list-featured-image allows Stored XSS.This issue affects Post List Featured Image: from n/a through <= 0.5.9.
Affected versions
max 0.5.9.
Status
vulnerable
Previous vulnerability researches
WPCOM Member (CVE-2025-11920) , Nov 11, 2025
WPCOM Member (CVE-2024-47378) , Oct 03, 2024
WPCOM Member (CVE-2025-39570) , Apr 18, 2025
WPCOM Member (CVE-2025-1475) , Mar 08, 2025
WPCOM Member (CVE-2024-7493) , Sep 07, 2024
New vulnerability
WP-DownloadManager (CVE-2025-10747) , Nov 11, 2025
MasterStudy LMS WordPress Plugin – for Online Courses and Education (CVE-2025-59575) , Nov 11, 2025
MasterStudy LMS WordPress Plugin – for Online Courses and Education (CVE-2025-64366) , Nov 11, 2025
Mixlr Shortcode (CVE-2025-11807) , Nov 11, 2025
Builderall Builder for WordPress (CVE-2025-62987) , Nov 11, 2025