ThreatPress

WordPress Vulnerability Database

Back

WordPress Love Travel premium theme <= 3.8 - Unauthenticated Reflected Cross-Site Scripting (XSS) and Cross-Frame Scripting (XFS) vulnerabilities

Product
Love Travel
Description
Unauthenticated Reflected Cross-Site Scripting (XSS) and Cross-Frame Scripting (XFS) vulnerabilities found by Ex.Mi in WordPress Love Travel premium theme (versions <= 3.8).
Solution
2020-11.12 - we were unable to find information about the patched version of this theme.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Vulnerability details
CVE
Name CVE-N/A
Versions
Affected In <= 3.8
Fixed In 3.9
Disclosure date
2020-11-12
Credits
Ex.Mi