CVE-2025-23998

Medium CVSS: 6.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in raratheme UltraLight the-ultralight allows Reflected XSS.This issue affects UltraLight: from n/a through <= 1.2.

Vendor

Rarathemes

Product

The Ultralight

CWE

CWE-79

Yayın Tarihi

2025-01-21 14:15:13

Güncelleme

2026-04-01 17:17:35

Source Identifier

audit@patchstack.com

KEV Date Added

Kategoriler

CWE-79 The Ultralight MEDIUM Rarathemes 2025

Referanslar

https://patchstack.com/database/Wordpress/Theme/the-ultralight/vulnerability/wordpress-ultralight-theme-1-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve

Benzer Kayıtlar

High

CVE-2024-37937

Cross-Site Request Forgery (CSRF) vulnerability in raratheme Rara Business rara-business allows Cross Site Request Forge…

High

CVE-2024-37503

Cross-Site Request Forgery (CSRF) vulnerability in raratheme Lawyer Landing Page lawyer-landing-page allows Cross Site R…

High

CVE-2024-37508

Cross-Site Request Forgery (CSRF) vulnerability in raratheme Construction Landing Page construction-landing-page allows…

High

CVE-2024-37450

Cross-Site Request Forgery (CSRF) vulnerability in raratheme Benevolent benevolent allows Cross Site Request Forgery.Thi…

High

CVE-2024-37451

Cross-Site Request Forgery (CSRF) vulnerability in raratheme Travel Agency travel-agency allows Cross Site Request Forge…

Unknown

CVE-2024-37413

Cross-Site Request Forgery (CSRF) vulnerability in raratheme Preschool and Kindergarten preschool-and-kindergarten allow…