CVE-2025-31535
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Published Mar 31, 2025
Updated: Apr 1, 2025
CWE ID 79
Summary
CVE-2025-31535 is a Cross-site Scripting (XSS) vulnerability affecting PressTigers Simple Owl Carousel. The issue arises due to improper neutralization of user input during web page generation. Attackers can exploit this vulnerability to inject malicious scripts into a victim's web browser, potentially leading to data theft, session hijacking, or other unauthorized actions. This issue affects Simple Owl Carousel versions from n/a through 1.1.1. Users are advised to update to the latest version or consider alternative plugins to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.