Auto Repair
Monthly
Reflected cross-site scripting in the VamTam Auto Repair WordPress theme versions 22.6 and earlier allows remote unauthenticated attackers to execute arbitrary JavaScript in a victim's browser after tricking them into clicking a crafted link. The flaw was disclosed via Patchstack and carries a CVSS 7.1 due to scope change impact on the WordPress admin context; no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.
Reflected cross-site scripting in the VamTam Auto Repair WordPress theme versions 22.6 and earlier allows remote unauthenticated attackers to execute arbitrary JavaScript in a victim's browser after tricking them into clicking a crafted link. The flaw was disclosed via Patchstack and carries a CVSS 7.1 due to scope change impact on the WordPress admin context; no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.