CVE-2020-14010

The Laborator Xenon theme 1.3 for WordPress allows Reflected XSS via the data/typeahead-generate.php q aka name parameter...

WordPress Cross-Site Scripting Vulnerability (CNVD-2021-29465)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.Laborator Xenon theme is a website theme plugin that uses one of the... A cross-site scripting vulnerability exists in...

CVE-2020-14010

The Laborator Xenon theme 1.3 for WordPress allows Reflected XSS via the data/typeahead-generate.php q aka name parameter...

Xenon Theme <= 1.3 - Unauthenticated Cross-Site Scripting (XSS)

The premium Xenon WordPress theme was found to be vulnerable to Unauthenticated Cross-Site Scripting XSS in the "q" parameter of the /data/typeahead-generate.php page. The affected version of the plugin was 1.3 and below, however, the vendor fixed the vulnerability but did not bump the version...

Xenon Theme <= 1.3 - Unauthenticated Cross-Site Scripting (XSS)

The premium Xenon WordPress theme was found to be vulnerable to Unauthenticated Cross-Site Scripting XSS in the "q" parameter of the /data/typeahead-generate.php page. The affected version of the plugin was 1.3 and below, however, the vendor fixed the vulnerability but did not bump the version...