CVE-2025-58652 updated 2 months, 4 weeks ago by @mweinelt Activity log Created automatic suggestion 4 months ago @mweinelt removed package haskellPackages.data-carousel 2 months, 4 weeks ago @mweinelt dismissed 2 months, 4 weeks ago WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Carousel Ultimate allows Stored XSS. This issue affects Carousel Ultimate: from n/a through 1.8. Affected products carousel =<1.8 Matching in nixpkgs