PT-2025-38911 · Codefish · Pinterest Pinboard Widget

Published 2025-09-22 · Updated 2025-09-23 · CVE-2025-58248

CVSS v3.1: 6.5 Medium

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions: codefish Pinterest Pinboard Widget versions through 1.0.7

Description: The codefish Pinterest Pinboard Widget contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting (XSS). This can potentially lead to the execution of malicious scripts in the context of a user's browser. The vulnerability exists due to insufficient sanitization of user-supplied input before it is incorporated into the web page. The affected component is susceptible to attacks where an attacker injects malicious code into the application, which is then stored and served to other users.

Recommendations: Update codefish Pinterest Pinboard Widget to a version later than 1.0.7.

Fix

XSS

Weakness Enumeration

Related Identifiers: CVE-2025-58248

Affected Products: Pinterest Pinboard Widget