CVE-2025-40992 | Creativeitem Sociopro Query update_profile Name cross site scripting

A vulnerability labeled as problematic has been found in Creativeitem Sociopro. The affected element is an unknown function of the file /sociopro/profile/update_profile of the component Query Handler. Executing manipulation of the argument Name can lead to cross site scripting.

This vulnerability appears as CVE-2025-40992. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More