Skip to main content

Darna Framework

1 CVEs product

Monthly

CVE-2026-27088 HIGH This Week

A reflected cross-site scripting (XSS) vulnerability exists in G5Theme's Darna Framework through version 2.9, allowing attackers to inject malicious scripts that execute in users' browsers when crafted URLs are visited. The vulnerability affects the Darna Framework WordPress plugin and stems from improper input neutralization during web page generation. While no CVSS score or EPSS data is currently published, the CWE-79 classification indicates this is a classic reflected XSS with potential for credential theft, session hijacking, and malware distribution depending on the attack vector's accessibility.

XSS Darna Framework
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
EPSS 0% CVSS 7.1
HIGH This Week

A reflected cross-site scripting (XSS) vulnerability exists in G5Theme's Darna Framework through version 2.9, allowing attackers to inject malicious scripts that execute in users' browsers when crafted URLs are visited. The vulnerability affects the Darna Framework WordPress plugin and stems from improper input neutralization during web page generation. While no CVSS score or EPSS data is currently published, the CWE-79 classification indicates this is a classic reflected XSS with potential for credential theft, session hijacking, and malware distribution depending on the attack vector's accessibility.

XSS Darna Framework
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy