cleantalk
Vulnerabilities and Security Researches

Import from YML, CVE-2025-64232

CVE, Research URL

CVE-2025-64232

Home page URL

Security reports for Import from YML

Application

Import from YML

Published on
Nov 06, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in icopydoc Import from YML import-from-yml allows Reflected XSS.This issue affects Import from YML: from n/a through <= 3.1.17.
Affected versions
max 4.0.0.
Status
vulnerable
Previous vulnerability researches
Jock On Air Now (CVE-2025-58986) , Nov 10, 2025
Jock On Air Now (83edfbcf563dfc5da48e587aef4b3240de9ae329) , Jun 07, 2024
New vulnerability
百度站长SEO合集(支持百度/神马/Bing/头条推送) (CVE-2025-62977) , Nov 11, 2025
WP jQuery Pager (CVE-2025-10575) , Nov 11, 2025
DELUCKS SEO (CVE-2025-49376) , Nov 11, 2025
B Carousel Block &#8211; Create stunning responsive carousels effortlessly (CVE-2025-12388) , Nov 11, 2025
Stock Snapshot for WooCommerce (CVE-2025-10167) , Nov 11, 2025