cleantalk
Vulnerabilities and Security Researches

Import Social Events, CVE-2025-48256

CVE, Research URL

CVE-2025-48256

Home page URL

Security reports for Import Social Events

Application

Import Social Events

Published on
May 19, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes Import Social Events allows Stored XSS. This issue affects Import Social Events: from n/a through 1.8.5.
Affected versions
Min -, max 1.8.6.
Status
vulnerable
Previous vulnerability researches
WordPress SQL Backup (CVE-2025-30608) , Mar 27, 2025
New vulnerability
Glossary by WPPedia – Best Glossary plugin for WordPress (CVE-2025-4803) , May 28, 2025
Import Social Events (CVE-2025-48256) , May 28, 2025
MStore API (CVE-2025-4683) , May 28, 2025
WP Statistics , May 27, 2025
Hostinger , May 27, 2025