Vulnerabilities > Xylusthemes
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-05-19 | CVE-2025-48256 | Cross-site Scripting vulnerability in Xylusthemes Import Social Events Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes Import Social Events allows Stored XSS. | 5.4 |
| 2022-12-06 | CVE-2022-40209 | Unspecified vulnerability in Xylusthemes WP Smart Import 1.0.0/1.0.1/1.0.2 Unauth. | 6.1 |
| 2021-07-07 | CVE-2020-24147 | Server-Side Request Forgery (SSRF) vulnerability in Xylusthemes WP Smart Import 1.0.0 Server-side request forgery (SSR) vulnerability in the WP Smart Import (wp-smart-import) plugin 1.0.0 for WordPress via the file field. | 9.1 |