2 matches found
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Catch Themes Darcie theme = 1.1.5 versions...
CVE-2023-25961
CVE-2023-25961 is an unauthenticated, reflected cross-site scripting (XSS) vulnerability in Catch Themes’ Darcie WordPress theme, affecting versions up to 1.1.5. The issue is triggered through user-supplied input reflected in the page, enabling an attacker to execute script in the victim’s browse...