CVE-2025-49413

Name of the Vulnerable Software and Affected Versions: Wishloop Terms of Service & Privacy Policy Generator versions through 1.0

Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, leading to Stored Cross-site Scripting (XSS). This allows for the injection of malicious scripts into web pages generated by the application.

Recommendations: Versions prior to 1.0 should be updated. At the moment, there is no information about a newer version that contains a fix for this vulnerability.