The Starto theme for WordPress has a security issue called Reflected Cross-Site Scripting, which affects versions 2.1.9 and lower. This is because the theme does not properly clean up user input and output, making it easy for hackers to insert harmful scripts into web pages. If a user is tricked into clicking on a link, these scripts can be executed without their knowledge.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
