CVE-2017-18599

Name of the Vulnerable Software and Affected Versions Pinfinity theme versions prior to 2.0

Description The issue concerns a cross-site scripting (XSS) flaw. XSS is a type of security vulnerability that allows an attacker to inject malicious scripts into a website, potentially leading to unauthorized access or control. The vulnerability is exploited via the s parameter.

Recommendations For versions prior to 2.0, update to version 2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the s parameter to minimize the risk of exploitation.