CVE-2025-47566

PUBLISHED

12/31/2025 21595511-bba5-4825-b968-b78d1f9984a3

Technical Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZoomSounds allows Reflected XSS.This issue affects ZoomSounds: from n/a through 6.91.

Affected Products

ZoomSounds

n/a

References

https://vdp.patchstack.com/database/wordpress/plugin/dzs-zoomsounds/vulnerability/wordpress-zoomsounds-plugin-6-91-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve

External Link

7.1 CVSS v3.1

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Impact Analysis

Attack Vector Network

Attack Complexity Low

Privileges Required None