Skip to main content

Dukamarket

1 CVEs product

Monthly

CVE-2026-39628 MEDIUM This Month

Improper neutralization of script-related HTML tags in kutethemes DukaMarket WordPress theme version 1.3.0 and earlier allows unauthenticated remote attackers to inject malicious code via XSS, resulting in integrity compromise. The vulnerability has an EPSS score of 0.03% (percentile 8%), indicating very low real-world exploitation probability despite the moderate CVSS 5.3 rating. No evidence of active exploitation or public proof-of-concept code has been identified.

XSS Dukamarket
NVD
CVSS 3.1
5.3
EPSS
0.0%
EPSS 0% CVSS 5.3
MEDIUM This Month

Improper neutralization of script-related HTML tags in kutethemes DukaMarket WordPress theme version 1.3.0 and earlier allows unauthenticated remote attackers to inject malicious code via XSS, resulting in integrity compromise. The vulnerability has an EPSS score of 0.03% (percentile 8%), indicating very low real-world exploitation probability despite the moderate CVSS 5.3 rating. No evidence of active exploitation or public proof-of-concept code has been identified.

XSS Dukamarket
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy