2 matches found
CVE-2025-49873
CVE-2025-49873 refers to a Cross-Site Scripting flaw in WordPress Theme Elessi (versions n/a through 6.3.9). The root cause is improper neutralization of input during web page generation, enabling reflected XSS. Patch data indicates the issue is fixed in version 6.4.1 of Elessi (update to at leas...
CVE-2025-49873 WordPress Elessi theme <= 6.3.9 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NasaTheme Elessi elessi-theme allows Reflected XSS.This issue affects Elessi: from n/a through = 6.3.9...