CVE-2025-58593 — Cross-site Scripting in Orbit FOX BY Themeisle

CWE-79 — Cross-site Scripting3 documents3 sources

Severity

—N/A

No vector

EPSS

0.0%

top 90.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Themeisle Orbit FOX BY Themeisle

Timeline

PublishedSep 3

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle Orbit Fox by ThemeIsle themeisle-companion allows Stored XSS.This issue affects Orbit Fox by ThemeIsle: from n/a through <= 3.0.0.

Affected Packages1 packages

▶CVEListV5themeisle/orbit_fox_by_themeisle3.0.0

🔴Vulnerability Details

GHSA

GHSA-p24p-rcvp-fjgp: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle Orbit Fox by ThemeIsle allows Stored X↗2025-09-03

▶

CVEList

WordPress Orbit Fox by ThemeIsle Plugin <= 3.0.0 - Cross Site Scripting (XSS) Vulnerability↗2025-09-03

▶