CVE-2025-12117

The Renden theme for WordPress is vulnerable to Stored Cross-Site Scripting via the post title in all versions up to, and including, 1.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

CVE-2025-12117

CVE-2025-12117 concerns the WordPress Renden theme (versions up to 1.8.1). It enables Stored XSS via the post title due to insufficient input sanitization and output escaping. Exploitation requires authenticated access at Contributor level or higher, with scripts executing when any user loads an ...

CVE-2025-12117 Renden <= 1.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title

The Renden theme for WordPress is vulnerable to Stored Cross-Site Scripting via the post title in all versions up to, and including, 1.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

PT-2026-20579

Name of the Vulnerable Software and Affected Versions Renden versions prior to 1.8.2 Description The Renden theme for WordPress is susceptible to Stored Cross-Site Scripting through the post title. Insufficient input sanitization and output escaping allow authenticated attackers with...