CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Xylusthemes: Security Vulnerabilities

CVE-2025-48256

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes Import Social Events allows Stored XSS. This issue affects Import Social Events: from n/a through 1.8.5.

CVSS Score

6.5

EPSS Score

0.0

Published

2025-05-19

CVE-2022-40209

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Xylus Themes WP Smart Import plugin <= 1.0.2 on WordPress.

CVSS Score

6.1

EPSS Score

0.001

Published

2022-12-06

CVE-2020-24147

Server-side request forgery (SSR) vulnerability in the WP Smart Import (wp-smart-import) plugin 1.0.0 for WordPress via the file field.

CVSS Score

9.1

EPSS Score

0.01

Published

2021-07-07

Page 1

Vulnerabilities

Vulnerable Software

Xylusthemes: Security Vulnerabilities

Products

Pricing

Contact Us