CVE-2025-27006

Publication date

2025-09-26 08:31:14

Family

Patchstack

State

PUBLISHED

Description

Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability in themeplugs Authorsy authorsy allows Stored XSS.This issue affects Authorsy: from n/a through <= 1.0.5.