Skip to content

Pricing
Knowledge base
Support

Pricing
Knowledge base
Support

> Get Pro <
Pricing
Knowledge base
Support
Account area

> Get Pro <
Pricing
Knowledge base
Support
Account area

Home
Vulnerabilities
Input validation vulnerability in WordPress Tooltip 1.0.1

Search

Latest

Steps to take after migrating to SSL

Passkeys: no need for Limit Login Attempts?

Pricing
Knowledge base
Support

Pricing
Knowledge base
Support

Input validation vulnerability in WordPress Tooltip 1.0.1

CVE-2025-46532

Severity: medium-risk
Status: Open
Publication: April 24, 2025

The Tooltip plugin for WordPress has a security issue that allows unauthorized users to insert harmful scripts into certain pages. This can happen because the plugin does not properly check and protect against these scripts. This can only be done by those with contributor-level access or higher.

Detected in:

WordPress Tooltip open vulnerable versions: >= * <= 1.0.1

Open source

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

Incorrect?

Is this information incorrect? Please leave us a message.

Join our mailing list - 6 Tips & Tricks in your inbox over the next days!

Your Email

Plugins

Really Simple Security
Complianz
SimplyBook.me

© Really Simple Plugins
CoC 70461155
Kalmarweg 14-5
9723 JG, Groningen (NL)

Wordpress Linkedin Github

Get Started

Pricing
Knowledge Base
Support
F.A.Q

Account
Become an Affiliate

About

About Us

Privacy Statement
Cookie Policy
Terms of Use
Coordinated Vulnerability Disclosure

Popular articles

Why WordPress is (in)secure
Always be ahead of vulnerabilities
Harden your website’s security
Login protection as essential security
Protect site visitors with Security Headers
Enable an efficient and performant firewall

Manage Cookie Consent

To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.

Functional Functional Always active

The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.

Preferences Preferences

The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.

Statistics Statistics

The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.

Marketing Marketing

The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.

Manage options
Manage services
Manage {vendor_count} vendors
Read more about these purposes

View preferences

{title}
{title}
{title}

Manage Cookie Consent

We use cookies to optimize our website and our service.

Functional Functional Always active

The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.

Preferences Preferences

The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.

Statistics Statistics

The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.

Marketing Marketing

The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.

Manage options
Manage services
Manage {vendor_count} vendors
Read more about these purposes

View preferences

{title}
{title}
{title}