CVE-2023-2813

MITRE NVD CVE.ORG Print: PDF PDF

Summary

CVECVE-2023-2813
StatePUBLIC
Assigner[email protected]
Source PriorityCVE Program / NVD first with legacy fallback
Published2023-09-04 12:15:00 UTC
Updated2023-11-07 04:13:00 UTC
DescriptionAll of the above Aapna WordPress theme through 1.3, Anand WordPress theme through 1.2, Anfaust WordPress theme through 1.1, Arendelle WordPress theme before 1.1.13, Atlast Business WordPress theme through 1.5.8.5, Bazaar Lite WordPress theme before 1.8.6, Brain Power WordPress theme through 1.2, BunnyPressLite WordPress theme before 2.1, Cafe Bistro WordPress theme before 1.1.4, College WordPress theme before 1.5.1, Connections Reloaded WordPress theme through 3.1, Counterpoint WordPress theme through 1.8.1, Digitally WordPress theme through 1.0.8, Directory WordPress theme before 3.0.2, Drop WordPress theme before 1.22, Everse WordPress theme before 1.2.4, Fashionable Store WordPress theme through 1.3.4, Fullbase WordPress theme before 1.2.1, Ilex WordPress theme before 1.4.2, Js O3 Lite WordPress theme through 1.5.8.2, Js Paper WordPress theme through 2.5.7, Kata WordPress theme before 1.2.9, Kata App WordPress theme through 1.0.5, Kata Business WordPress theme through 1.0.2, Looki Lite WordPress theme before 1.3.0, moseter WordPress theme through 1.3.1, Nokke WordPress theme before 1.2.4, Nothing Personal WordPress theme through 1.0.7, Offset Writing WordPress theme through 1.2, Opor Ayam WordPress theme through 18, Pinzolo WordPress theme before 1.2.10, Plato WordPress theme before 1.1.9, Polka Dots WordPress theme through 1.2, Purity Of Soul WordPress theme through 1.9, Restaurant PT WordPress theme before 1.1.3, Saul WordPress theme before 1.1.0, Sean Lite WordPress theme before 1.4.6, Tantyyellow WordPress theme through 1.0.0.5, TIJAJI WordPress theme through 1.43, Tiki Time WordPress theme through 1.3, Tuaug4 WordPress theme through 1.4, Tydskrif WordPress theme through 1.1.3, UltraLight WordPress theme through 1.2, Venice Lite WordPress theme before 1.5.5, Viala WordPress theme through 1.3.1, viburno WordPress theme before 1.3.2, Wedding Bride WordPress theme before 1.0.2, Wlow WordPress theme before 1.2.7 suffer from the same issue about the search box reflecting the results causing XSS which allows an unauthenticated attacker to exploit against users if they click a malicious link.

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Application Ajaydsouza Connections Reloaded All All All All
Application Archimidismertzanos Atlast Business All All All All
Application Archimidismertzanos Fashionable Store All All All All
Application Archimidismertzanos Nothing Personal All All All All
Application Arthousewebdesign Brain Power All All All All
Application Asmedia Moseter All All All All
Application Asmedia Tuaug4 All All All All
Application Ayecode Cafe Bistro All All All All
Application Ayecode College All All All All
Application Ayecode Directory All All All All
Application Ayecode Plato All All All All
Application Ayecode Restaurant Pt All All All All
Application Ayecode Wedding Bride All All All All
Application Climaxthemes Kata All All All All
Application Competethemes Drop All All All All
Application Davidgarlitz Viala All All All All
Application Deothemes Arendelle All All All All
Application Deothemes Everse All All All All
Application Deothemes Nokke All All All All
Application Dotecsa Ilex All All All All
Application Dotecsa Viburno All All All All
Application Fredriksoerlie Ultralight All All All All
Application Fyrewurks Polka Dots All All All All
Application Fyrewurks Tiki Time All All All All
Application Henleythemes Counterpoint All All All All
Application Iznyn Opor Ayam All All All All
Application Iznyn Purity Of Soul All All All All
Application Jinwen Js O3 Lite All All All All
Application Jinwen Js Paper All All All All
Application Marchettidesign Fullbase All All All All
Application Marchettidesign Wlow All All All All
Application Omarfolgheraiter Digitally All All All All
Application Saumendra Aapna All All All All
Application Saumendra Anand All All All All
Application Ta2g Tantyyellow All All All All
Application Themeinprogress Bazaar Lite All All All All
Application Themeinprogress Looki Lite All All All All
Application Themeinprogress Saul All All All All
Application Themeinprogress Saul Lite All All All All
Application Themeinprogress Venice Lite All All All All
Application Thewebhunter Anfaust All All All All
Application Thewebhunter Offset Writing All All All All
Application Thriveweb Pinzolo All All All All
Application Tijaji Tijaji All All All All
Application Wpmole Tydskrif All All All All
Application Yws Bunnypress Lite All All All All

References

ReferenceSourceLinkTags
Just a moment... MISC wpscan.com
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report