Skip to main content

Themify Folo

1 CVEs product

Monthly

CVE-2025-31013 HIGH This Week

Reflected cross-site scripting in the Themify Folo WordPress theme (versions up to and including 1.9.6) allows remote attackers to execute arbitrary JavaScript in a victim's browser when the victim clicks a crafted link. The flaw is reported by Patchstack with a CVSS 3.1 base score of 7.1 driven by scope change and user interaction; no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.

XSS Themify Folo
NVD
CVSS 3.1
7.1
EPSS
0.1%
EPSS 0% CVSS 7.1
HIGH This Week

Reflected cross-site scripting in the Themify Folo WordPress theme (versions up to and including 1.9.6) allows remote attackers to execute arbitrary JavaScript in a victim's browser when the victim clicks a crafted link. The flaw is reported by Patchstack with a CVSS 3.1 base score of 7.1 driven by scope change and user interaction; no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.

XSS Themify Folo
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy