Skip to main content

Automotive Car Dealership Business

1 CVEs product

Monthly

CVE-2026-27426 HIGH This Week

Reflected cross-site scripting in the Automotive Car Dealership Business WordPress theme (versions 13.3.3 and earlier by ThemeSuite) lets unauthenticated attackers inject arbitrary JavaScript that executes in a victim's browser when they follow a crafted link. The CVSS 3.1 vector (AV:N/PR:N/UI:R/S:C) confirms network-based, unauthenticated exploitation that requires user interaction and crosses a security scope boundary. There is no public exploit identified at time of analysis and the flaw is not on CISA KEV.

XSS Automotive Car Dealership Business
NVD
CVSS 3.1
7.1
EPSS
0.2%
EPSS 0% CVSS 7.1
HIGH This Week

Reflected cross-site scripting in the Automotive Car Dealership Business WordPress theme (versions 13.3.3 and earlier by ThemeSuite) lets unauthenticated attackers inject arbitrary JavaScript that executes in a victim's browser when they follow a crafted link. The CVSS 3.1 vector (AV:N/PR:N/UI:R/S:C) confirms network-based, unauthenticated exploitation that requires user interaction and crosses a security scope boundary. There is no public exploit identified at time of analysis and the flaw is not on CISA KEV.

XSS Automotive Car Dealership Business
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy