CVE-2023-3708

Name of the Vulnerable Software and Affected Versions DeoThemes WordPress themes (affected versions not specified)

Description The issue is related to Reflected Cross-Site Scripting via breadcrumbs in various versions of DeoThemes WordPress themes. This is due to insufficient input sanitization and output escaping, allowing unauthenticated attackers to inject arbitrary web scripts in pages. These scripts execute if an attacker can trick a user into performing an action, such as clicking on a link.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.