CVE-2025-67555

by Fred · 09/12/2025

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in useStrict UseStrict's Calendly Embedder cal-embedder-lite allows Stored XSS.This issue affects UseStrict's Calendly Embedder: from n/a through <= 1.1.7.2. More information : https://vdp.patchstack.com/database/Wordpress/Plugin/cal-embedder-lite/vulnerability/wordpress-usestrict-s-calendly-embedder-plugin-1-1-7-2-cross-site-scripting-xss-vulnerability?_s_id=cve