5 matches found
CVE-2025-23979
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in duwasai Flashy allows Reflected XSS.This issue affects Flashy: from n/a through 1.2.1...
CVE-2025-23979
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in duwasai Flashy allows Reflected XSS.This issue affects Flashy: from n/a through 1.2.1...
CVE-2025-23979
CVE-2025-23979 is a Reflected XSS in the WordPress Flashy (duwasai Flashy) plugin. Affected: Flashy versions up to 1.2.1 and earlier. Root cause: improper input neutralization during web page generation. Impact: potential script execution via reflected payload; CVSS 3.1 base 7.1 (HIGH); attack ve...
CVE-2025-23979 WordPress Flashy theme <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in duwasai Flashy allows Reflected XSS.This issue affects Flashy: from n/a through 1.2.1...
CVE-2025-23979 WordPress Flashy theme <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in duwasai Flashy allows Reflected XSS.This issue affects Flashy: from n/a through 1.2.1...