CVE-2025-69330

Name of the Vulnerable Software and Affected Versions Jthemes Prestige versions prior to 1.4.1

Description The software contains a flaw related to improper input handling during web page generation, which allows for Reflected Cross-Site Scripting (XSS). This means that malicious code can be injected into a webpage and executed by a user's browser. The vulnerable component allows an attacker to inject malicious scripts through a crafted URL. The affected parameter is not specified.

Recommendations Update Jthemes Prestige to version 1.4.1 or later.