3 matches found
CVE-2025-63073 WordPress The7 theme < 12.9.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dream-Theme The7 dt-the7 allows DOM-Based XSS.This issue affects The7: from n/a through 12.9.0...
CVE-2025-63073
The CVE-2025-63073 entry concerns the WordPress Dream-Theme The7 (dt-the7) WordPress theme up to version 12.8.0.2, with a DOM-based XSS caused by improper input neutralization during web page generation. The issue affects The7 versions
WordPress The7 Theme <= 11.13.0 is vulnerable to Cross Site Scripting (XSS)
Software The7 Type Theme Vulnerable versions = 11.13.0 Fixed in 11.14.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5451 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b297994711c5 Credits wesley wcraft Required privilege...