Security Advisory

CVE-2023-49839

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-03-26 07:57:39

Last updated 2026-04-28 16:08:58

Assigner Patchstack

State PUBLISHED

Description

Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability in KlbTheme Cosmetsy theme (core plugin), KlbTheme Partdo theme (core plugin), KlbTheme Bacola theme (core plugin), KlbTheme Medibazar theme (core plugin), KlbTheme Furnob theme (core plugin), KlbTheme Clotya theme (core plugin) allows Reflected XSS.This issue affects Cosmetsy theme (core plugin): from n/a through 1.3.0; Partdo theme (core plugin): from n/a through 1.0.9; Bacola theme (core plugin): from n/a through 1.3.3; Medibazar theme (core plugin): from n/a through 1.2.3; Furnob theme (core plugin): from n/a through 1.1.7; Clotya theme (core plugin): from n/a through 1.1.5.

← Browse all CVEs View on cve.org ↗