CVE-2025-12116

The Drift theme for WordPress is vulnerable to Stored Cross-Site Scripting via the post title in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

CVE-2025-12116

The Drift theme for WordPress is vulnerable to Stored Cross-Site Scripting via the post title in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

CVE-2025-12116 Drift <= 1.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title

The Drift theme for WordPress is vulnerable to Stored Cross-Site Scripting via the post title in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

CVE-2025-12116 Drift <= 1.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title

The Drift theme for WordPress is vulnerable to Stored Cross-Site Scripting via the post title in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

CVE-2025-12116

The CVE-2025-12116 entry maps to the Drift WordPress theme vulnerability: Stored Cross-Site Scripting via the post title in versions up to 1.5.0. Exploitation requires authenticated access at Contributor level or higher, permitting injection of scripts that run when pages are loaded. Public fix i...

PT-2026-20578

Name of the Vulnerable Software and Affected Versions Drift versions prior to 1.5.1 Description The Drift theme for WordPress is susceptible to Stored Cross-Site Scripting through the post title. Insufficient input sanitization and output escaping allow authenticated attackers with...