CVE-2025-52747 in Themebox Plugininformación

Resumen

por MITRE • 2026-05-27

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jthemes Themebox - Digital Products Ecommerce allows Reflected XSS.

This issue affects Themebox - Digital Products Ecommerce: from n/a through 1.4.2.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

Patchstack

Reservar

2025-06-19

Divulgación

2026-05-27

Moderación

aceptado

Artículo

VDB-365975

CPE

listo

CWE

CWE-79 (confirmado)

CVSS

7.1 (CNA)

EPSS

0.00036

KEV

Actividades

bajo

Sector

Hostingprovider

Fuentes

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-52747
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-52747
CVE Details	https://www.cvedetails.com/cve/CVE-2025-52747/

◂ Anterior Visión De Conjunto Próximo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!