All posts
Critical
Low
Medium

CVE-2025-52736

Alias:

Overview

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daman Jeet Finale Lite finale-woocommerce-sales-countdown-timer-discount allows Reflected XSS.This issue affects Finale Lite: from n/a through <= 2.20.0.

Critical
Low
Medium
No items found.

Severity / CVSS Score:  (Critical)

CWE:

Discovery date: October 22, 2025

Authentication required: NoneYes

Attack Vector: None

Affected Components

Kodem Deep Dive

Previous Post
Next Post

Stop the waste.
Protect your environment with Kodem.

Get a personalized demo
Get a personalized demo