3 matches found
CVE-2023-41235 WordPress Everest News Pro Theme <= 1.1.7 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Everest Themes Everest News Pro theme = 1.1.7 versions...
CVE-2023-41235
CVE-2023-41235: Everest News Pro theme (WordPress) up to version 1.1.7 is vulnerable to unauthenticated reflected XSS. Root cause: improper handling of user-controlled input in the Everest News Pro theme, enabling reflected XSS payloads. Impact is stated as cross-site scripting with unauthenticat...
WordPress Everest News Pro Theme <= 1.1.7 is vulnerable to Cross Site Scripting (XSS)
Software Everest News Pro Type Theme Vulnerable versions = 1.1.7 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-41235 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5fee490dcfb6 Credits László Radnai...