{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-15T08:48:05.611","vulnerabilities":[{"cve":{"id":"CVE-2025-66091","sourceIdentifier":"audit@patchstack.com","published":"2025-11-21T13:15:50.400","lastModified":"2026-01-30T18:15:58.600","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Design Stylish Cost Calculator stylish-cost-calculator allows DOM-Based XSS.This issue affects Stylish Cost Calculator: from n\/a through <= 8.1.5."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.3,"impactScore":3.7}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https:\/\/patchstack.com\/database\/Wordpress\/Plugin\/stylish-cost-calculator\/vulnerability\/wordpress-stylish-cost-calculator-plugin-8-1-5-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}]}