cleantalk
Vulnerabilities and Security Researches

Sessions, CVE-2025-57890

CVE, Research URL

CVE-2025-57890

Home page URL

Security reports for Sessions

Application

Sessions

Published on
Aug 22, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pierre Lannoy Sessions allows Stored XSS. This issue affects Sessions: from n/a through 3.2.0.
Affected versions
Min -, max 3.2.1.
Status
vulnerable
Previous vulnerability researches
WS Theme Addons (CVE-2025-8062) , Aug 24, 2025
WS Theme Addons (49de99b4d9366ab101a8419d8f628f119e0ccdb3) , Jul 05, 2024
New vulnerability
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) , Aug 26, 2025
UpdraftPlus: WordPress Backup & Migration Plugin , Aug 26, 2025
Simpler Checkout (CVE-2025-7642) , Aug 26, 2025
Sessions (CVE-2025-57890) , Aug 25, 2025
WP Admin Theme (CVE-2025-48325) , Aug 25, 2025