Skip to main content

Auto Repair

1 CVEs product

Monthly

CVE-2026-22328 HIGH This Week

Reflected cross-site scripting in the VamTam Auto Repair WordPress theme versions 22.6 and earlier allows remote unauthenticated attackers to execute arbitrary JavaScript in a victim's browser after tricking them into clicking a crafted link. The flaw was disclosed via Patchstack and carries a CVSS 7.1 due to scope change impact on the WordPress admin context; no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.

XSS Auto Repair
NVD
CVSS 3.1
7.1
EPSS
0.2%
EPSS 0% CVSS 7.1
HIGH This Week

Reflected cross-site scripting in the VamTam Auto Repair WordPress theme versions 22.6 and earlier allows remote unauthenticated attackers to execute arbitrary JavaScript in a victim's browser after tricking them into clicking a crafted link. The flaw was disclosed via Patchstack and carries a CVSS 7.1 due to scope change impact on the WordPress admin context; no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.

XSS Auto Repair
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy