Skip to main content

Miti

1 CVEs product

Monthly

CVE-2026-25350 HIGH PATCH This Week

A Reflected Cross-Site Scripting (XSS) vulnerability exists in the skygroup Miti theme for WordPress, allowing attackers to inject malicious scripts into web pages viewed by users. This vulnerability affects Miti versions prior to 1.5.3, and an attacker can craft malicious URLs to execute arbitrary JavaScript in the context of a victim's browser session, potentially stealing credentials, session tokens, or performing actions on behalf of the user. No CVSS score, EPSS metric, or KEV status information is currently available, but the vulnerability has been documented by Patchstack with a patch available in version 1.5.3.

XSS Miti
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
EPSS 0% CVSS 7.1
HIGH PATCH This Week

A Reflected Cross-Site Scripting (XSS) vulnerability exists in the skygroup Miti theme for WordPress, allowing attackers to inject malicious scripts into web pages viewed by users. This vulnerability affects Miti versions prior to 1.5.3, and an attacker can craft malicious URLs to execute arbitrary JavaScript in the context of a victim's browser session, potentially stealing credentials, session tokens, or performing actions on behalf of the user. No CVSS score, EPSS metric, or KEV status information is currently available, but the vulnerability has been documented by Patchstack with a patch available in version 1.5.3.

XSS Miti
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy