3 matches found
CVE-2023-1403
The CVE-2023-1403 entry affects the Weaver Xtreme Theme for WordPress, with vulnerable versions up to 5.0.7 due to insufficient escaping of the profile display name, enabling stored Cross-Site Scripting by authenticated users with contributor-level permissions. The impact is per the sources: stor...
WordPress Weaver Xtreme 5.0.7 / Weaver Show Posts 1.6 Cross Site Scripting
On March 14, 2023, the Wordfence Threat Intelligence team initiated the responsible disclosure process for 2 nearly identical Cross-Site Scripting vulnerabilities in the Weaver Xtreme theme and the Weaver Show Posts plugin, which each have over 10,000 installations. The plugin developer responded...
WordPress Weaver Xtreme Theme <= 5.0.7 is vulnerable to Cross Site Scripting (XSS)
Software Weaver Xtreme Type Theme Vulnerable versions = 5.0.7 Fixed in 6.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1403 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b31bb20a58fc Credits Ramuel Gall Required privileg...