What is CVE-2026-25373 — Reflected XSS in ProgressionStudios Vayvo?

CVE-2026-25373 is a Reflected XSS vulnerability in ProgressionStudios Vayvo, allowing attackers to inject malicious scripts via web page generation. It's rated HIGH severity (7.1 CVSS).

Am I affected by CVE-2026-25373 in ProgressionStudios Vayvo?

You are affected if you are using Vayvo versions 0.0.0 through 6.8. Upgrade to version 6.8 to mitigate the risk.

How do I fix CVE-2026-25373 in ProgressionStudios Vayvo?

Upgrade Vayvo to version 6.8 or later. Implement input validation and output encoding as a temporary workaround.

Is CVE-2026-25373 being actively exploited?

While no public exploits are currently known, the ease of exploitation for Reflected XSS suggests potential for active exploitation.

Where can I find the official ProgressionStudios advisory for CVE-2026-25373?

Refer to the ProgressionStudios website or their official security advisory channels for the latest information and updates regarding CVE-2026-25373.

CVE-2026-25373 — Vulnerability Details

NEXTGUARD

Escanear grátis

CVE-2026-25373 — Vulnerability Details | NextGuard

Passos de Detecçãotraduzindo…

• wordpress / composer / npm:

grep -r "vayvo-progression" /var/www/html
grep -r "<script>" /var/www/html

• generic web:

curl -I https://example.com/?param=<script>alert(1)</script>

WordPress Vayvo - Media Streaming & Membership WordPress Theme theme < 6.8 - Reflected Cross Site Scripting (XSS) vulnerability

Impacto e Cenários de Ataquetraduzindo…

Contexto de Exploraçãotraduzindo…

Quem Está em Riscotraduzindo…

Passos de Detecçãotraduzindo…

Linha do Tempo do Ataque

Inteligência de Ameaças

Software Afetado

Classificação de Fraqueza (CWE)

Linha do tempo

Mitigação e Soluções Alternativastraduzindo…

Como corrigirtraduzindo…

Boletim de Segurança CVE

Perguntas frequentestraduzindo…

What is CVE-2026-25373 — Reflected XSS in ProgressionStudios Vayvo?

Am I affected by CVE-2026-25373 in ProgressionStudios Vayvo?

How do I fix CVE-2026-25373 in ProgressionStudios Vayvo?

Is CVE-2026-25373 being actively exploited?

Where can I find the official ProgressionStudios advisory for CVE-2026-25373?

Seu projeto está afetado?

Detecte esta CVE no seu projeto