Cross-site Scripting Vulnerability in SEOthemes SEO Slider
CVE-2025-62097

6.5MEDIUM

Key Information:

Vendor: WordPress
Status: Seo Slider
Vendor: CVE Published:; 31 December 2025

What is CVE-2025-62097?

The SEOthemes SEO Slider plugin contains a vulnerability that allows for improper neutralization of user input during web page generation, leading to potential DOM-based Cross-site Scripting (XSS) attacks. This security flaw can enable attackers to inject malicious scripts into web pages viewed by end-users. As a result, unauthorized actions or data theft may occur, compromising the security of affected websites. Websites using versions from n/a through 1.1.1 of the SEO Slider plugin are particularly at risk. It is recommended to update to the latest version and implement security best practices to mitigate potential threats.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

SEO Slider <= 1.1.1

References

https://patchstack.com/database/wordpress/plugin/seo-slid...

vdb-entry

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Dec 31, 2025
Vulnerability Reserved
Oct 7, 2025

Credit

Muhammad Yudha - DJ | Patchstack Bug Bounty Program

JSON

WordPress