Vulnerabilities and security researches forcarousel carousel

Sep 08, 2025

CVE, Research URL: CVE-2025-58820
Home page URL: Security reports for Carousel Ultimate
Application: Carousel Ultimate
Date: Sep 05, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Carousel Ultimate allows Stored XSS. This issue affects Carousel Ultimate: from n/a through 1.8.
Affected versions: max 1.8.
Status: vulnerable

Apr 19, 2026

CVE, Research URL: CVE-2025-58652
Home page URL: Security reports for Carousel Ultimate
Application: Carousel Ultimate
Date: Sep 23, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through <= 1.8.
Affected versions: max 1.8.
Status: vulnerable