exploitDog

CVE-2025-63066

Опубликовано: 09 дек. 2025

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in p-themes Porto Theme - Functionality porto-functionality allows Stored XSS.This issue affects Porto Theme - Functionality: from n/a through <= 3.6.2.

Ссылки

https://patchstack.com/database/Wordpress/Plugin/porto-functionality/vulnerability/wordpress-porto-theme-functionality-plugin-3-6-2-cross-site-scripting-xss-vulnerability?_s_id=cve

EPSS

Процентиль: 13%

0.00042

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-7wq3-fgh6-wjpx

CVSS3: 6.5

github

около 2 месяцев назад

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in p-themes Porto Theme - Functionality porto-functionality allows Stored XSS.This issue affects Porto Theme - Functionality: from n/a through <= 3.6.2.

EPSS

Процентиль: 13%

0.00042

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-79