cleantalk
Vulnerabilities and Security Researches

WP VR – 360 Panorama and Virtual Tour Builder For WordPress, CVE-2025-24730

CVE, Research URL

CVE-2025-24730

Home page URL

Security reports for WP VR – 360 Panorama and Virtual Tour Builder For WordPress

Application

WP VR – 360 Panorama and Virtual Tour Builder For WordPress

Published on
Jan 24, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rextheme WP VR allows DOM-Based XSS. This issue affects WP VR: from n/a through 8.5.14.
Affected versions
Min -, max 8.5.15.
Status
vulnerable
Previous vulnerability researches
WP VR – 360 Panorama and Virtual Tour Builder For WordPress (CVE-2025-47452) , Jun 19, 2025
WP VR – 360 Panorama and Virtual Tour Builder For WordPress (CVE-2024-49680) , Oct 25, 2024
WP VR – 360 Panorama and Virtual Tour Builder For WordPress (CVE-2025-24730) , Jan 26, 2025
WP VR – 360 Panorama and Virtual Tour Builder For WordPress (CVE-2024-49293) , Oct 18, 2024
WP VR – 360 Panorama and Virtual Tour Builder For WordPress (CVE-2023-0174) , Jun 07, 2024
New vulnerability
eCommerce Product Catalog Plugin for WordPress (CVE-2025-49331) , Jun 20, 2025
Broadstreet (CVE-2025-4652) , Jun 20, 2025
Majestic Support – Help Desk & Support Plugin (CVE-2025-49860) , Jun 20, 2025
Arconix FAQ (CVE-2025-49874) , Jun 20, 2025
Responsive Blocks – WordPress Gutenberg Blocks (CVE-2025-49881) , Jun 20, 2025