CVE-2026-24948

Name of the Vulnerable Software and Affected Versions fox-themes Reflector versions through 1.2.2

Description The software contains a flaw due to improper neutralization of input during web page generation, which allows for Reflected Cross-site Scripting (XSS). This issue impacts the Reflector plugins.

Recommendations Update to a version later than 1.2.2.