Lucene search
K

4 matches found

NVD
NVD
added 2025/05/19 3:15 p.m.20 views

CVE-2025-48256

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xylus Themes Import Social Events import-facebook-events allows Stored XSS.This issue affects Import Social Events: from n/a through = 1.8.5...

6.5CVSS0.00216EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/19 2:44 p.m.17 views

CVE-2025-48256 WordPress Import Social Events plugin <= 1.8.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xylus Themes Import Social Events import-facebook-events allows Stored XSS.This issue affects Import Social Events: from n/a through = 1.8.5...

6.5CVSS0.00216EPSS
Exploits0References1
CVE
CVE
added 2025/05/19 2:44 p.m.24 views

CVE-2025-48256

CVE-2025-48256 covers a Stored XSS in the WordPress plugin Import Social Events (versions ≤ 1.8.5) by Xylus Themes. The issue stems from improper input neutralization during web page generation, enabling an attacker-supplied payload to be stored and later executed in a victim’s browser. The vulne...

6.5CVSS5.9AI score0.00216EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/19 2:44 p.m.6 views

CVE-2025-48256 WordPress Import Social Events <= 1.8.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xylus Themes Import Social Events allows Stored XSS. This issue affects Import Social Events: from n/a through 1.8.5...

6.5CVSS6.4AI score0.00216EPSS
Exploits0References1
Rows per page
Query Builder