CVE-2025-58920 WordPress Cerato theme <= 2.2.18 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zootemplate Cerato cerato allows Reflected XSS.This issue affects Cerato: from n/a through = 2.2.18...

CVE-2025-58920

CVE-2025-58920 corresponds to a Reflected Cross-Site Scripting (XSS) vulnerability in the WordPress Cerato theme (Cerato) versions up to 2.2.18. The issue is described as an Improper Neutralization of Input During Web Page Generation. Affected product: WordPress Cerato theme; affected range:

WordPress Cerato theme <= 2.2.18 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Cerato versions = 2.2.18...