Skip to main content

Artale Wedding Photography Wordpress

1 CVEs product

Monthly

CVE-2025-69152 HIGH This Week

Reflected/stored Cross-Site Scripting in the Artale Wedding Photography WordPress theme (versions 2.2.2 and earlier) lets unauthenticated remote attackers inject arbitrary JavaScript that executes in a victim's browser after they follow a crafted link or load a poisoned page. Reported by Patchstack and rated CVSS 7.1 with a scope change, it primarily threatens site visitors and administrators through session/context theft rather than direct server compromise. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

WordPress XSS Artale Wedding Photography Wordpress
NVD
CVSS 3.1
7.1
EPSS
0.2%
EPSS 0% CVSS 7.1
HIGH This Week

Reflected/stored Cross-Site Scripting in the Artale Wedding Photography WordPress theme (versions 2.2.2 and earlier) lets unauthenticated remote attackers inject arbitrary JavaScript that executes in a victim's browser after they follow a crafted link or load a poisoned page. Reported by Patchstack and rated CVSS 7.1 with a scope change, it primarily threatens site visitors and administrators through session/context theft rather than direct server compromise. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

WordPress XSS Artale Wedding Photography Wordpress
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy