Themes Vulnerabilities

Salem Theme < 1.5.6 - PrettyPhoto DOM Cross-Site Scripting (XSS)

Description

The salem WordPress theme was affected by a PrettyPhoto DOM Cross-Site Scripting (XSS) security vulnerability.

Affects Themes

salem
Fixed in 1.5.6

References

URL
https://themeforest.net/item/salem-clean-and-bold-one-page-wordpress-theme/10329778

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
82dea85b-78d9-4e4c-8a5f-bf5bbdbe4e80

Timeline

Publicly Published
2015-06-18 (about 10 years ago)
Added
2015-06-18 (about 10 years ago)
Last Updated
2020-03-03 (about 6 years ago)

Other

Published
Title
Published
2024-07-24
Title
WooCommerce < 9.1.4 - Stored XSS
Published
2023-07-17
Title
Rank Math SEO < 1.0.119.1 - Contributor+ Stored XSS
Published
2024-04-24
Title
WP Shortcodes Plugin — Shortcodes Ultimate < 7.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via su_lightbox
Published
2025-06-05
Title
Video Embeds <= 0.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2024-12-19
Title
Userpro <= 5.1.9 - Reflected Cross-Site Scripting