Skip to main content

Seowp

1 CVEs product

Monthly

CVE-2026-57761 HIGH This Week

Stored cross-site scripting via cross-site request forgery affects the SEOWP WordPress theme by BlueAstralThemes in all versions up to and including 3.12.2, allowing a remote unauthenticated attacker who tricks a logged-in administrator into loading a malicious page to forge a state-changing request that injects persistent script into the site. The CVSS 3.1 score of 7.1 reflects a scope change (attacker-controlled JavaScript executes in the victim's browser session) with limited confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; exploitation hinges on successful social engineering of an authenticated victim (UI:R).

CSRF Seowp
NVD
CVSS 3.1
7.1
EPSS
0.1%
EPSS 0% CVSS 7.1
HIGH This Week

Stored cross-site scripting via cross-site request forgery affects the SEOWP WordPress theme by BlueAstralThemes in all versions up to and including 3.12.2, allowing a remote unauthenticated attacker who tricks a logged-in administrator into loading a malicious page to forge a state-changing request that injects persistent script into the site. The CVSS 3.1 score of 7.1 reflects a scope change (attacker-controlled JavaScript executes in the victim's browser session) with limited confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; exploitation hinges on successful social engineering of an authenticated victim (UI:R).

CSRF Seowp
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy