CVE-2025-39365 WordPress wProject theme < 5.8.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rocket Apps wProject allows Reflected XSS.This issue affects wProject: from n/a before 5.8.0...

WordPress wProject Theme < 5.8.0 is vulnerable to Privilege Escalation

Software wProject Type Theme Vulnerable versions 5.8.0 Fixed in 5.8.0 OWASP Top 10 A1: Broken Access Control Classification Privilege Escalation CVE CVE-2025-39366 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID dc57f98abe0c Credits Dave Jong Patchstack Required privileg...