WordPress Yuki Theme <= 1.3.7 is vulnerable to Cross Site Scripting (XSS)

  • Resolved jhonx

    (@jhonx)


    1 month, 2 weeks ago

    Dear Developer’s

    I hope this message finds you well. I recently installed the Yuki Theme for WordPress (version 1.3.7) on my website and discovered that it is vulnerable to Cross-Site Scripting (XSS). The vulnerability has been reported in versions up to 1.3.7.

    Given the security risk this poses, I would like to inquire whether you are aware of this issue and if there is a timeline for when a patch or update addressing this vulnerability will be released.

    In the meantime, could you recommend any immediate mitigation steps I should take to secure my site until the vulnerability is resolved?

    Thank you for your time and assistance. I look forward to your response and appreciate your dedication to maintaining a secure product.

    • This topic was modified 1 month, 2 weeks ago by jhonx.

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator James Huff

    (@macmanx)

    The vulnerability has been reported in versions up to 1.3.7.

    The current version of the theme is 1.3.23, so that has been fixed for quite some time.

    Theme Author WP Moose

    (@wpmoose)

    Yes, this issue has been fixed, please keep your theme up to date to avoid security issues.

    Thanks.

    Thread Starter jhonx

    (@jhonx)

    Thank you for your answer !

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.

Tags