2 matches found
CVE-2025-25144
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in theasys Theasys theasys allows Stored XSS.This issue affects Theasys: from n/a through = 1.0.1...
CVE-2025-25144
CVE-2025-25144 is a stored XSS vulnerability in Theasys WordPress plugin (versions up to 1.0.1) that arises from improper input handling during page generation and is exploitable via CSRF. CVSSv3.1 base score 7.1 (HIGH): impact on confidentiality, integrity, and availability is low, and attack ve...