cleantalk
Vulnerabilities and Security Researches

Carousel Ultimate, CVE-2025-58652

CVE, Research URL

CVE-2025-58652

Home page URL

Security reports for Carousel Ultimate

Application

Carousel Ultimate

Published on
Sep 23, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through <= 1.8.
Affected versions
max 1.8.
Status
vulnerable
Previous vulnerability researches
Easy Voice Mail (CVE-2026-1164) , Apr 15, 2026
New vulnerability
Pz-LinkCard (CVE-2026-2434) , Apr 19, 2026
NGG Smart Image Search (CVE-2025-58027) , Apr 19, 2026
VideoZen (CVE-2026-6439) , Apr 19, 2026
Epeken All Kurir Plugin for Woocommerce Full Version (CVE-2025-57906) , Apr 19, 2026
Carousel Ultimate (CVE-2025-58652) , Apr 19, 2026