Skip to main content

Trendy Travel

1 CVEs product

Monthly

CVE-2025-69153 HIGH This Week

Reflected cross-site scripting in the Trendy Travel WordPress theme (versions 6.7 and earlier) by designthemes lets remote unauthenticated attackers inject arbitrary JavaScript that executes in a victim's browser when they follow a crafted link. Rated CVSS 7.1 with a scope change (S:C), reflecting that injected script can act across the WordPress security boundary. No public exploit identified at time of analysis, and no EPSS score was supplied.

XSS Trendy Travel
NVD
CVSS 3.1
7.1
EPSS
0.2%
EPSS 0% CVSS 7.1
HIGH This Week

Reflected cross-site scripting in the Trendy Travel WordPress theme (versions 6.7 and earlier) by designthemes lets remote unauthenticated attackers inject arbitrary JavaScript that executes in a victim's browser when they follow a crafted link. Rated CVSS 7.1 with a scope change (S:C), reflecting that injected script can act across the WordPress security boundary. No public exploit identified at time of analysis, and no EPSS score was supplied.

XSS Trendy Travel
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy