cleantalk
Vulnerabilities and Security Researches

Import from YML, CVE-2025-64232

CVE, Research URL

CVE-2025-64232

Home page URL

Security reports for Import from YML

Application

Import from YML

Published on
Nov 06, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in icopydoc Import from YML import-from-yml allows Reflected XSS.This issue affects Import from YML: from n/a through <= 3.1.17.
Affected versions
max 4.0.0.
Status
vulnerable
Previous vulnerability researches
qnotsquiz (CVE-2025-12016) , Nov 10, 2025
New vulnerability
YourMembership Single Sign On – YM SSO Login (CVE-2025-10648) , Nov 11, 2025
RealPress &#8211; Real Estate Plugin (CVE-2025-11191) , Nov 11, 2025
WSAnalytics &#8211; Google Analytics And Dashboards (CVE-2025-48097) , Nov 11, 2025
Blog2Social: Social Media Auto Post &amp; Scheduler (CVE-2025-12560) , Nov 11, 2025
Blog2Social: Social Media Auto Post &amp; Scheduler (CVE-2025-12563) , Nov 11, 2025