cleantalk
Vulnerabilities and Security Researches

NPS computy, CVE-2025-67984

CVE, Research URL

CVE-2025-67984

Home page URL

Security reports for NPS computy

Application

NPS computy

Published on
Feb 20, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in calliko NPS computy nps-computy allows DOM-Based XSS.This issue affects NPS computy: from n/a through <= 2.8.2.
Affected versions
max 2.8.2.
Status
vulnerable
Previous vulnerability researches
Responsive Lightbox2 (CVE-2022-3987) , Jun 07, 2024
Responsive Lightbox2 (3a708e667647cfc7347348989e4ffa77f2b38c04) , Jun 07, 2024
Responsive Lightbox &amp; Gallery (CVE-2025-15386) , Feb 27, 2026
Responsive Lightbox &amp; Gallery (CVE-2024-43924) , Aug 29, 2024
Responsive Lightbox &amp; Gallery (CVE-2013-6837) , Jun 07, 2024
New vulnerability
Visitor Maps Extended Referer Field (CVE-2025-69389) , Feb 28, 2026
Event Manager and Tickets Selling Plugin for WooCommerce &#8211; WpEvently &#8211; WordPress Plugin (CVE-2026-24942) , Feb 28, 2026
Event Manager and Tickets Selling Plugin for WooCommerce &#8211; WpEvently &#8211; WordPress Plugin (CVE-2026-23549) , Feb 28, 2026
Event Manager and Tickets Selling Plugin for WooCommerce &#8211; WpEvently &#8211; WordPress Plugin (CVE-2026-24954) , Feb 28, 2026
Library Management System (CVE-2025-12707) , Feb 28, 2026