Activello icon indicating copy to clipboard operation
Activello copied to clipboard
verified publisher icon ColorlibHQ

vulnerability

Open Colorlib-Support opened this issue 2 years ago • 2 comments

Brandon Roldan discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Activello Theme. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has not been known to be fixed yet.

https://patchstack.com/database/vulnerability/activello/wordpress-activello-theme-1-4-4-auth-reflected-cross-site-scripting-xss-vulnerability-2?_a_id=250

Reported here: https://colorlibsupport.com/t/required-action-vulnerability-detected-in-your-wordpress-site-on-sbam-be/35448/2

Colorlib-Support avatar Aug 30 '23 11:08 Colorlib-Support

Hi

Could you please provide a status about the incoming fix regarding this vulnerability ?

Thanks a lot

Go-rom avatar Nov 09 '23 09:11 Go-rom

Hi

I still received email notifications about the vulnerability of this template. Could you fix that asap?

Capture d'écran 2023-11-10 111327

Thx a lot

Richard Cop

tomatokill avatar Nov 10 '23 10:11 tomatokill