4 matches found
CVE-2025-3077
The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Button shortcode and Custom CSS field in all versions up to, and including, 28.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-3077
creationtimestamp| type| source ---|---|--- 2025-04-16 07:55:32+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11992 2025-04-16 10:43:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmwfusoyul2a 2025-04-16 11:50:55+00:00| seen| https://t.me/cvedetector/23059...
CVE-2025-3077
CVE-2025-3077 (Betheme, WordPress) : Betheme theme for WordPress (versions
WordPress Betheme Theme <= 28.0.3 is vulnerable to Cross Site Scripting (XSS)
Software Betheme Type Theme Vulnerable versions = 28.0.3 Fixed in 28.0.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2025-3077 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7b297a9d938e Credits Webbernaut Required privilege...