CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

Vulnrichment•added 2026/01/22 4:51 p.m.•1 views

CVE-2025-49249 WordPress Drone theme <= 1.40 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ApusTheme Drone drone allows Reflected XSS.This issue affects Drone: from n/a through = 1.40...

7.1CVSS5.9AI score0.00064EPSS

Exploits0References1

Cvelist•added 2026/01/22 4:51 p.m.•15 views

CVE-2025-49249 WordPress Drone theme <= 1.40 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ApusTheme Drone drone allows Reflected XSS.This issue affects Drone: from n/a through = 1.40...

7.1CVSS0.00064EPSS

Exploits0References1

CVE•added 2026/01/22 4:51 p.m.•3 views

CVE-2025-49249

CVE-2025-49249 refers to a reflected XSS in the WordPress theme Drone (ApusTheme Drone) affecting Drone theme versions up to and including 1.40. The issue arises from improper neutralization/handling of user-supplied input during web page generation, enabling an attacker to inject malicious scrip...

7.1CVSS5.4AI score0.00064EPSS

Exploits0References1

Patchstack•added 2026/01/12 12:49 p.m.•4 views

WordPress Drone theme <= 1.40 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Drone versions = 1.40...

6.1CVSS6.1AI score0.00064EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by