Vulnerabilities > Xylusthemes > Import Social Events > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-05-19 | CVE-2025-48256 | Cross-site Scripting vulnerability in Xylusthemes Import Social Events Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes Import Social Events allows Stored XSS. | 5.4 |