cleantalk
Vulnerabilities and Security Researches

Domain Theme, CVE-2025-28897

CVE, Research URL

CVE-2025-28897

Home page URL

Security reports for Domain Theme

Application

Domain Theme

Published on
Mar 12, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Steveorevo Domain Theme allows Stored XSS. This issue affects Domain Theme: from n/a through 1.3.
Affected versions
Min -, max 1.3.
Status
vulnerable
Previous vulnerability researches
Gutenberg Blocks by Kadence Blocks – Page Builder Features (CVE-2025-1291) , Mar 05, 2025
Gutenberg Blocks by Kadence Blocks – Page Builder Features (CVE-2024-5819) , Jul 01, 2024
Gutenberg Blocks by Kadence Blocks – Page Builder Features (CVE-2024-12581) , Dec 15, 2024
Gutenberg Blocks by Kadence Blocks – Page Builder Features (CVE-2024-10785) , Nov 21, 2024
Gutenberg Blocks by Kadence Blocks – Page Builder Features (CVE-2025-24753) , Jan 26, 2025
New vulnerability
WP No-Bot Question (CVE-2025-28909) , Mar 13, 2025
TabGarb Pro (CVE-2025-28900) , Mar 13, 2025
Contact Form 7 Select Box Editor Button (CVE-2025-28902) , Mar 13, 2025
Google News Editors Picks Feed Generator (CVE-2025-28860) , Mar 13, 2025
Custom Dashboard Page (CVE-2025-28912) , Mar 13, 2025