Yuki, f4d60c1247dfd2dcef2e7f7c40df2f7b743e04f8

CVE, Research URL: f4d60c1247dfd2dcef2e7f7c40df2f7b743e04f8
Home page URL: Security reports for Yuki
Application: Yuki
Published on: Jul 18, 2023
Research Description: Yuki [yuki] < 1.3.8 WordPress Yuki Theme <= 1.3.7 is vulnerable to Cross Site Scripting (XSS) No patched version available. Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Yuki Theme. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has not been known to be fixed yet.
Affected versions: max 1.3.8.
Status: vulnerable