CVE-2026-25018

Name of the Vulnerable Software and Affected Versions stmcan NaturaLife Extensions versions n/a through 2.1

Description The software contains a flaw due to improper handling of user-supplied data during web page creation, which can lead to reflected cross-site scripting (XSS). This allows an attacker to inject malicious scripts into web pages viewed by other users.

Recommendations Update to a version later than 2.1.