8 matches found
CVE-2025-7058
The Kingcabs theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘progressbarLayout’ parameter in all versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
EUVD-2025-203215
The Kingcabs theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘progressbarLayout’ parameter in all versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2025-7058
The Kingcabs theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘progressbarLayout’ parameter in all versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2025-7058 Kingcabs <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via progressbarLayout Parameter
The Kingcabs theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘progressbarLayout’ parameter in all versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2025-7058
CVE-2025-7058 affects the WordPress theme Kingcabs. The vulnerability is a Stored Cross‑Site Scripting (XSS) in the progressbarLayout parameter present in versions up to 1.1.9. Exploitation requires authenticated access at Contributor level or higher ; an attacker can inject scripts that execute ...
CVE-2025-7058 Kingcabs <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via progressbarLayout Parameter
The Kingcabs theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘progressbarLayout’ parameter in all versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
PT-2025-51082
The Kingcabs theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘progressbarLayout’ parameter in all versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
WordPress Kingcabs Theme <= 1.1.6 is vulnerable to Broken Access Control
Software Kingcabs Type Theme Vulnerable versions = 1.1.6 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-32959 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 2d230f2e2cbf Credits Dave Jong Patchstack Required...