• Call Us: (540) 566-8737
    • Account Login (AMP)
    Menu
    CarZine <= 1.4.6 - Reflected Cross-Site Scripting

    CarZine <= 1.4.6 - Reflected Cross-Site Scripting

    Tweet
    Share
    Share
    Pin
    0 Shares

    EntreBase Advisory: The CarZine theme for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.4.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

    Read more about this vulnerability: https://www.wordfence.com/threat-intel/vulnerabilities/id/90c88379-e87f-4c32-af2b-83704cb14e29?source=api-prod

    About the Contributor
    Trust & Safety
    The Trust & Safety team ensures the EntreBase platform remains compliant, safe, and user-friendly. Focused on risk management and user protection, they work to uphold trust and provide a seamless experience.