CVE-2023-25961
CVE-2023-25961 is an unauthenticated, reflected cross-site scripting (XSS) vulnerability in Catch Themes’ Darcie WordPress theme, affecting versions up to 1.1.5. The issue is triggered through user-supplied input reflected in the page, enabling an attacker to execute script in the victim’s browse...