CVE-2019-25445

MEDIUM 6.1

Fiverr Clone Script 1.2.2 Cross-Site Scripting via search-results.php

CVSS Score

6.1

EPSS Score

0.0%

EPSS Percentile

0th

Fiverr Clone Script 1.2.2 contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the keyword parameter. Attackers can craft URLs with script tags in the keyword parameter of search-results.php to execute arbitrary JavaScript in users' browsers.

CWE	CWE-79
Vendor	phpscriptsmall
Product	fiverr clone script
Published	Feb 20, 2026
Last Updated	Apr 7, 2026

Stay Ahead of the Next One

Get instant alerts for phpscriptsmall fiverr clone script

Be the first to know when new medium vulnerabilities affecting phpscriptsmall fiverr clone script are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

None

Affected Versions

Phpscriptsmall / Fiverr Clone Script

1.2.2

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/46637 vulncheck.com: https://www.vulncheck.com/advisories/fiverr-clone-script-cross-site-scripting-via-search-resultsphp

Credits

Mr Winst0n