3 matches found
CVE-2023-29430
Unauth. Reflected Cross-Site Scripting XSS vulnerability in CTHthemes TheRoof theme = 1.0.3 versions...
CVE-2023-29430
CVE-2023-29430 affects the WordPress TheRoof theme by CTHthemes, up to version 1.0.3, via an unauthenticated reflected XSS. A fix is available in version 1.0.4 and later. Action: upgrade TheRoof theme to at least 1.0.4 to remediate the vulnerability.
WordPress TheRoof Theme <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)
Software TheRoof Type Theme Vulnerable versions = 1.0.3 Fixed in 1.0.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-29430 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID a30310c483cd Credits RE-ALTER Required privilege...