VYPR

Weaver Xtreme Theme Support

by Weavertheme

CVEs (2)

  • CVE-2024-4939MedJun 5, 2024
    risk 0.42cvss 6.4epss 0.00

    The Weaver Xtreme Theme Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's div shortcode in all versions up to, and including, 6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it…

  • CVE-2023-6990MedJan 11, 2024
    risk 0.35cvss 5.4epss 0.00

    The Weaver Xtreme theme for WordPress is vulnerable to Stored Cross-Site Scripting via custom post meta in all versions up to, and including, 6.3.0 due to insufficient input sanitization and output escaping on user supplied meta (page-head-code). This makes it possible for…