Unrated severityNVD Advisory· Published Sep 16, 2022· Updated Jun 5, 2025
Classima < 2.1.11 - Reflected Cross-Site Scripting
CVE-2022-2654
Description
The Classima WordPress theme before 2.1.11 and some of its required plugins (Classified Listing before 2.2.14, Classified Listing Pro before 2.0.20, Classified Listing Store & Membership before 1.4.20 and Classima Core before 1.10) do not escape a parameter before outputting it back in attributes, leading to Reflected Cross-Site Scripting
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4<1.10+ 1 more
- (no CPE)range: <1.10
- (no CPE)range: <1.10
- Range: <2.2.14
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/845f44ca-f572-48d7-a19a-89cace0b8993mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.