2 matches found
CVE-2026-24973
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NooTheme CitiLights noo-citilights allows Reflected XSS.This issue affects CitiLights: from n/a through = 3.7.1...
WordPress CitiLights theme < 3.7.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme CitiLights versions 3.7.2...