Log out
Get PRO

Latest

Input validation vulnerability in 5 Themes by DeoThemes

  • Severity: medium-risk
  • Status: Fixed
  • Publication: July 17, 2023

Several themes for WordPress, created by DeoThemes, have a vulnerability that could allow unauthenticated attackers to inject malicious web scripts into pages. This is due to the themes not having enough security measures in place to check and filter user input and to properly encode output. If the attacker can get a user to click on a link, the malicious script could be executed.

Detected in:

Amela fixed vulnerable versions: >= * <= 1.0.13
Arendelle fixed vulnerable versions: >= * <= 1.1.12
Everse fixed vulnerable versions: >= * <= 1.8.10
MedikAid | Medical Health Care RTL WordPress Theme fixed vulnerable versions: >= * <= 1.1.2
Nokke fixed vulnerable versions: >= * <= 1.2.3

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.