Vulnerability Details CVE-2025-48256
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes Import Social Events import-facebook-events allows Stored XSS.This issue affects Import Social Events: from n/a through <= 1.8.5.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.4%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2025-48256
-
cpe:2.3:a:xylusthemes:import_social_events:*