cleantalk
Vulnerabilities and Security Researches

WPComplete, CVE-2022-45825

CVE, Research URL

CVE-2022-45825

Home page URL

Security reports for WPComplete

Application

WPComplete

Published on
Mar 28, 2023
Research Description
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in iThemes WPComplete plugin <= 2.9.2 versions.
Affected versions
max 2.9.5.
Status
vulnerable
Previous vulnerability researches
WPComplete (CVE-2022-45825) , Jun 07, 2024
WPComplete (CVE-2025-50046) , Jul 02, 2025
WPComplete (CVE-2025-49906) , Nov 11, 2025
New vulnerability
Master Blocks &#8211; Ultimate Gutenberg Blocks for Marketers (CVE-2025-10896) , Nov 11, 2025
Reuse Builder (CVE-2025-11812) , Nov 11, 2025
ShopLentor – WooCommerce Builder for Elementor &amp; Gutenberg +12 Modules – All in One Solution (formerly WooLentor) (CVE-2025-11823) , Nov 11, 2025
ShopLentor – WooCommerce Builder for Elementor &amp; Gutenberg +12 Modules – All in One Solution (formerly WooLentor) (CVE-2025-12493) , Nov 11, 2025
Gravity Forms Google Sheet Connector (CVE-2025-8606) , Nov 11, 2025