Skip to main content
Radar
DashboardThreatsMapFeedsAPI
reconnecting

CVE-2025-58820: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Themepoints Carousel Ultimate

Medium
VulnerabilityCVE-2025-58820cvecve-2025-58820cwe-79
Published: Fri Sep 05 2025 (09/05/2025, 13:45:18 UTC)
Source: CVE Database V5
Vendor/Project: Themepoints
Product: Carousel Ultimate

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Carousel Ultimate allows Stored XSS. This issue affects Carousel Ultimate: from n/a through 1.8.

Technical Details

Data Version
5.1
Assigner Short Name
Patchstack
Date Reserved
2025-09-05T10:49:25.893Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 68baeaa357c5b37b67a4606c

Added to database: 9/5/2025, 1:50:27 PM

Last updated: 9/5/2025, 1:50:27 PM

Views: 1

Related Threats

CVE-2025-55671: Uncontrolled Search Path Element in kujirahand TkEasyGUI

High
VulnerabilityFri Sep 05 2025

CVE-2025-41408: Improper authorization in handler for custom URL scheme in LY Corporation "Yahoo! Shopping" App for Android

Medium
VulnerabilityFri Sep 05 2025

CVE-2025-8695: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Netcad NetGIS Server

Medium
VulnerabilityFri Sep 05 2025

CVE-2025-58887: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Course Finder | andré martin - it solutions & research UG Course Booking Platform

Medium
VulnerabilityFri Sep 05 2025

CVE-2025-58886: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Tan Nguyen Instant Locations

Medium
VulnerabilityFri Sep 05 2025

Actions

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats