Themify Folo
Monthly
Reflected cross-site scripting in the Themify Folo WordPress theme (versions up to and including 1.9.6) allows remote attackers to execute arbitrary JavaScript in a victim's browser when the victim clicks a crafted link. The flaw is reported by Patchstack with a CVSS 3.1 base score of 7.1 driven by scope change and user interaction; no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.
Reflected cross-site scripting in the Themify Folo WordPress theme (versions up to and including 1.9.6) allows remote attackers to execute arbitrary JavaScript in a victim's browser when the victim clicks a crafted link. The flaw is reported by Patchstack with a CVSS 3.1 base score of 7.1 driven by scope change and user interaction; no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.