Uminex

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-39629 MEDIUM This Month

Improper neutralization of script-related HTML tags in the kutethemes Uminex WordPress theme version 1.0.9 and earlier enables unauthenticated remote attackers to inject arbitrary code via cross-site scripting (XSS), resulting in limited information disclosure. The vulnerability has an EPSS score of 0.03% (8th percentile), indicating minimal real-world exploitation probability despite a CVSS base score of 5.3; no public exploit code or active exploitation has been identified.

XSS Uminex

NVD

CVSS 3.1

5.3

EPSS

0.0%

CVE-2026-39629

EPSS 0% CVSS 5.3

MEDIUM This Month

Improper neutralization of script-related HTML tags in the kutethemes Uminex WordPress theme version 1.0.9 and earlier enables unauthenticated remote attackers to inject arbitrary code via cross-site scripting (XSS), resulting in limited information disclosure. The vulnerability has an EPSS score of 0.03% (8th percentile), indicating minimal real-world exploitation probability despite a CVSS base score of 5.3; no public exploit code or active exploitation has been identified.

XSS Uminex

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy