Weaver Xtreme Theme

CVEs (1)

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2023-1403	Med	0.42	6.4	0.00		Jun 9, 2023	The Weaver Xtreme Theme for WordPress is vulnerable to stored Cross-Site Scripting due to insufficient escaping of the profile display name in versions up to, and including, 5.0.7. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE-2023-1403MedJun 9, 2023
risk 0.42cvss 6.4epss 0.00
The Weaver Xtreme Theme for WordPress is vulnerable to stored Cross-Site Scripting due to insufficient escaping of the profile display name in versions up to, and including, 5.0.7. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.