5 matches found
CVE-2025-5529
The Educenter theme for WordPress is vulnerable to Stored Cross-Site Scripting via the Circle Counter Block in all versions up to, and including, 1.6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...
CVE-2025-5529
The Educenter theme for WordPress is vulnerable to Stored Cross-Site Scripting via the Circle Counter Block in all versions up to, and including, 1.6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...
CVE-2025-5529 Educenter <= 1.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Educenter theme for WordPress is vulnerable to Stored Cross-Site Scripting via the Circle Counter Block in all versions up to, and including, 1.6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...
PT-2025-30967 · WordPress · Educenter
Name of the Vulnerable Software and Affected Versions: Educenter theme for WordPress versions prior to 1.6.3 Description: The Educenter theme for WordPress is susceptible to Stored Cross-Site Scripting through the Circle Counter Block. Insufficient input sanitization and output escaping allows...
WordPress Educenter Theme <= 1.5.5 is vulnerable to Broken Access Control
Software Educenter Type Theme Vulnerable versions = 1.5.5 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-30480 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 5f9286f8d48f Credits Dave Jong Patchstack Required privileg...