WordPress Soledad Theme <= 8.4.1 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-49827
7.1HIGH
Key Information:
- Vendor
Wordpress
- Vendor
- CVE Published:
- 14 December 2023
What is CVE-2023-49827?
A reflected XSS vulnerability in the PenciDesign Soledad WordPress Theme allows attackers to inject malicious scripts into web pages. This can be exploited when user input is not properly neutralized during page generation, potentially enabling unauthorized actions or data theft from users visiting the impacted site. The vulnerability affects all versions of the Soledad theme up to 8.4.1.
Affected Version(s)
Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme <= 8.4.1