GHSA-pjx3-8fqj-x6hrHighCVSS 7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
🔗 CVE IDs covered (1)
📋 Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fox-themes Prague prague-plugins allows Reflected XSS.This issue affects Prague: from n/a through <= 2.2.8.
🔗 References (4)
- https://nvd.nist.gov/vuln/detail/CVE-2025-67972
- https://patchstack.com/database/Wordpress/Plugin/prague-plugins/vulnerability/wordpress-prague-plugin-2-2-8-cross-site-scripting-xss-vulnerability?_s_id=cve
- https://patchstack.com/database/wordpress/plugin/transmail/vulnerability/wordpress-zoho-zeptomail-plugin-3-2-9-broken-access-control-vulnerability?_s_id=cve
- https://github.com/advisories/GHSA-pjx3-8fqj-x6hr