Security Ninja Vulnerability Scanner shows Weaver Xtreme as vulnarable

  • Resolved tischtennis

    (@tischtennis)


    1 year, 1 month ago

    I am getting the error from ‘Security Ninja Vulnerability Scanner’: “The Weaver Xtreme theme for WordPress is vulnerable to Stored Cross-Site Scripting via custom post meta in all versions up to, and including, 6.3.0 due to insufficient input sanitization and output escaping on user supplied meta (page-head-code). This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.” I also see the message: “Aktualisiere Weaver Xtreme zumindest auf die Version?6.4.0

    The version 6.4.0 (free version) is installed, but the error message will still appear. I am confused. The theme developer says this version is not vulnarable. What does this mean?

Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Security Ninja Vulnerability Scanner shows Weaver Xtreme as vulnarable’ is closed to new replies.