Yobazar
Monthly
A Reflected Cross-Site Scripting (XSS) vulnerability exists in the Skygroup Yobazar WordPress theme due to improper neutralization of user input during web page generation. This vulnerability affects Yobazar versions prior to 1.6.7 and allows attackers to inject malicious scripts that execute in the browsers of users who visit crafted URLs. The vulnerability has been reported by Patchstack and is classified as CWE-79; while no CVSS score or EPSS data is currently available, the reflected XSS vector typically enables session hijacking, credential theft, and malware distribution.
A Reflected Cross-Site Scripting (XSS) vulnerability exists in the Skygroup Yobazar WordPress theme due to improper neutralization of user input during web page generation. This vulnerability affects Yobazar versions prior to 1.6.7 and allows attackers to inject malicious scripts that execute in the browsers of users who visit crafted URLs. The vulnerability has been reported by Patchstack and is classified as CWE-79; while no CVSS score or EPSS data is currently available, the reflected XSS vector typically enables session hijacking, credential theft, and malware distribution.