MEDIUM SeverityCVSS 3.15.9CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

CVE-2025-62127

Last updated May 07, 2026 · Published May 07, 2026

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WEN Themes WEN Logo Slider allows DOM-Based XSS. This issue affects WEN Logo Slider: from n/a through 3.4.0.

Affected products

1 listed

WEN Themes:WEN Logo Slider

Mappings

CWE

CWE-79

CAPEC

CAPEC-588

Research

Cross-Site Scripting (XSS)Covers reflected, stored, and DOM based XSS risks and why they remain high impact. Provides prevention…

Training

XSS in React, Vue and Server ComponentsCross-site scripting in modern component frameworks and how to prevent it.

CVE-2025-62127

Description

Affected products

Mappings

Related