Skip to main content

Vayvo

1 CVEs product

Monthly

CVE-2026-25373 HIGH PATCH This Week

A Reflected Cross-Site Scripting (XSS) vulnerability exists in the ProgressionStudios Vayvo WordPress theme (versions prior to 6.8) that allows attackers to inject malicious scripts into web pages viewed by users. An attacker can craft a malicious URL containing unsanitized input and trick users into clicking it, causing arbitrary JavaScript to execute in the victim's browser within the context of the Vayvo-powered site. No CVSS score, EPSS probability, or KEV confirmation is currently available, but the reflected XSS classification and Patchstack reporting indicate this is a known, credible vulnerability with patch availability.

XSS Vayvo
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
EPSS 0% CVSS 7.1
HIGH PATCH This Week

A Reflected Cross-Site Scripting (XSS) vulnerability exists in the ProgressionStudios Vayvo WordPress theme (versions prior to 6.8) that allows attackers to inject malicious scripts into web pages viewed by users. An attacker can craft a malicious URL containing unsanitized input and trick users into clicking it, causing arbitrary JavaScript to execute in the victim's browser within the context of the Vayvo-powered site. No CVSS score, EPSS probability, or KEV confirmation is currently available, but the reflected XSS classification and Patchstack reporting indicate this is a known, credible vulnerability with patch availability.

XSS Vayvo
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy