2 matches found
CVE-2025-31849
CVE-2025-31849 describes a Stored XSS in Nemesis All-in-One (Newspaper Builder Elementor Extension). The description notes improper input neutralization during web page generation, enabling stored cross-site scripting. Affected range per the CVE entry is Nemesis All-in-One: from n/a through 1.1.0...
PT-2025-14227 · Unknown · Fbtemplates Nemesis All-In-One
Name of the Vulnerable Software and Affected Versions: fbtemplates Nemesis All-in-One versions 1.1.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attack...