cleantalk
Vulnerabilities and Security Researches

Sessions, CVE-2025-57890

CVE, Research URL

CVE-2025-57890

Home page URL

Security reports for Sessions

Application

Sessions

Published on
Aug 22, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pierre Lannoy Sessions allows Stored XSS. This issue affects Sessions: from n/a through 3.2.0.
Affected versions
Min -, max 3.2.1.
Status
vulnerable
Previous vulnerability researches
Video Gallery – Vimeo and YouTube Gallery (CVE-2025-48349) , Aug 24, 2025
Video Gallery – Vimeo and YouTube Gallery (CVE-2021-24515) , Jun 06, 2024
New vulnerability
Sessions (CVE-2025-57890) , Aug 25, 2025
WP Admin Theme (CVE-2025-48325) , Aug 25, 2025
Site Offline Or Coming Soon Or Maintenance Mode (CVE-2025-48348) , Aug 25, 2025
Ni WooCommerce Customer Product Report (CVE-2025-7827) , Aug 25, 2025
Ogulo – 360° Tour (CVE-2025-9131) , Aug 25, 2025