cleantalk
Vulnerabilities and Security Researches

WP VR – 360 Panorama and Virtual Tour Builder For WordPress, CVE-2023-1413

CVE, Research URL

CVE-2023-1413

Home page URL

Security reports for WP VR – 360 Panorama and Virtual Tour Builder For WordPress

Application

WP VR – 360 Panorama and Virtual Tour Builder For WordPress

Published on
Apr 17, 2023
Research Description
The WP VR WordPress plugin before 8.2.9 does not sanitise and escape some parameters before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Affected versions
Min -, max 8.2.9.
Status
vulnerable
Previous vulnerability researches
WP VR – 360 Panorama and Virtual Tour Builder For WordPress (CVE-2025-47452) , Jun 19, 2025
WP VR – 360 Panorama and Virtual Tour Builder For WordPress (CVE-2024-49680) , Oct 25, 2024
WP VR – 360 Panorama and Virtual Tour Builder For WordPress (CVE-2025-24730) , Jan 26, 2025
WP VR – 360 Panorama and Virtual Tour Builder For WordPress (CVE-2024-49293) , Oct 18, 2024
WP VR – 360 Panorama and Virtual Tour Builder For WordPress (CVE-2023-0174) , Jun 07, 2024
New vulnerability
WP2LEADS | WordPress und KlickTipp einfach verbinden – WooCommerce und KlickTipp einfach verbinden (CVE-2025-49316) , Jun 20, 2025
Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit (CVE-2025-1562) , Jun 20, 2025
eCommerce Product Catalog Plugin for WordPress (CVE-2025-49331) , Jun 20, 2025
Broadstreet (CVE-2025-4652) , Jun 20, 2025
Majestic Support – Help Desk & Support Plugin (CVE-2025-49860) , Jun 20, 2025