4 matches found
CVE-2025-26934
CVE-2025-26934 is a Stored XSS in the WordPress Glossy Blog theme (versions up to 1.0.3). The vulnerability arises from improper input neutralization during web page generation, allowing attacker-supplied content to be stored and rendered on pages. Affected product: Glossy Blog (WordPress theme) ...
CVE-2025-26934 WordPress Glossy Blog theme <= 1.0.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in graphthemes Glossy Blog glossy-blog allows Stored XSS.This issue affects Glossy Blog: from n/a through = 1.0.3...
CVE-2025-26934 WordPress Glossy Blog theme <= 1.0.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in graphthemes Glossy Blog glossy-blog allows Stored XSS.This issue affects Glossy Blog: from n/a through = 1.0.3...
WordPress Glossy Blog Theme <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)
Software Glossy Blog Type Theme Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-26934 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID b4d593ddb83f Credits stealthcopter Required privilege...