Cross-Site Scripting Vulnerability in Catch Themes Essential Widgets
CVE-2025-67543
6.5MEDIUM
What is CVE-2025-67543?
A Cross-Site Scripting (XSS) vulnerability exists in Catch Themes Essential Widgets, allowing for stored XSS attacks. This flaw can be exploited by an attacker to inject malicious scripts into web pages viewed by other users, potentially leading to unauthorized actions and data theft. Affected versions include Essential Widgets from the initial release up to version 2.2.2. It is crucial for users to update to the latest version to mitigate this security risk.
Affected Version(s)
Essential Widgets <= n/a