CVE-2025-63589 | CMSimple_XH 1.8 index.php cross site scripting

November 6, 2025 Yanac

A vulnerability marked as problematic has been reported in CMSimple_XH 1.8. The impacted element is an unknown function of the file index.php. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-63589. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More

CVE-2025-12808 | Devolutions Server up to 2025.3.5.0 custom access control (DEVO-2025-0016)
CVE-2025-53252 | zozothemes Zegen Plugin up to 1.1.9 on WordPress filename control