Vulnerabilities > CVE-2023-3708 - Unspecified vulnerability in Deothemes Medikaid

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

deothemes

NVD

Published: 2023-07-18

Updated: 2024-11-21

Summary

Several themes for WordPress by DeoThemes are vulnerable to Reflected Cross-Site Scripting via breadcrumbs in various versions due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

Vulnerable Configurations

Part	Description	Count
Application	Deothemes Deothemes Medikaid 1.0 Deothemes Medikaid 1.0.1 Deothemes Medikaid 1.0.2 Deothemes Medikaid 1.0.3 Deothemes Medikaid 1.0.4 Deothemes Medikaid 1.0.5 Deothemes Medikaid 1.0.6 Deothemes Medikaid 1.0.7 Deothemes Medikaid 1.0.8 Deothemes Medikaid 1.0.9 Deothemes Medikaid 1.0.10 Deothemes Medikaid 1.0.11 Deothemes Medikaid 1.0.12 Deothemes Medikaid 1.0.13 Deothemes Medikaid 1.0.14 Deothemes Medikaid 1.0.15 Deothemes Medikaid 1.1 Deothemes Medikaid 1.1.1 Deothemes Medikaid 1.1.2	19

Summary

Vulnerable Configurations

References