ThreatPress

WordPress Vulnerability Database

Back

WordPress Wyzi premium theme <= 2.4.2 - Cross-Site Scripting (XSS) vulnerability

Product
Wyzi
Description
Cross-Site Scripting (XSS) vulnerability found by Daniel Ruf in WordPress Wyzi premium theme (versions <= 2.4.2).
Solution
Update the WordPress Wyzi premium theme to the latest available version (at least 2.4.3).
Classification
Type Cross Site Scripting (XSS)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Theme changelog
CVE
Name CVE-N/A
Versions
Affected In <= 2.4.2
Fixed In 2.4.3
Disclosure date
2021-02-06
Credits
Daniel Ruf