WordPress Nova Lite theme <= 1.3.8 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability

2020-08-1300:00:00

Talip Karabas

patchstack.com

0.001 Low

EPSS

Percentile

42.0%

Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability discovered by Talip Karabas in WordPress Nova Lite theme (versions <= 1.3.8).

Solution

           Update the WordPress Nova Lite theme to the latest available version (at least 1.3.9).

CPENameOperatorVersion
nova litele1.3.8

CPE	Name	Operator	Version
	nova lite	le	1.3.8

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17362

themes.trac.wordpress.org/log/nova-lite/

0.001 Low

EPSS

Percentile

42.0%

Related for PATCHSTACK:34A0F2C910EECC7DE2CCD142EC26402A