CVE-2023-28687
Severity CVSS v4.0:
Pending analysis
Type:
CWE-79
Cross-Site Scripting (XSS)
Publication date:
26/03/2024
Last modified:
28/04/2026
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in perfectwpthemes Glaze Blog Lite, themebeez Fascinate, themebeez Cream Blog, themebeez Cream Magazine allows Reflected XSS.This issue affects Glaze Blog Lite: from n/a through
Impact
Base Score 3.x
7.10
Severity 3.x
HIGH
References to Advisories, Solutions, and Tools
- https://patchstack.com/database/vulnerability/cream-blog/wordpress-cream-blog-theme-2-1-3-cross-site-scripting-xss-vulnerability?_s_id=cve
- https://patchstack.com/database/vulnerability/cream-magazine/wordpress-cream-magazine-theme-2-1-4-cross-site-scripting-xss-vulnerability?_s_id=cve
- https://patchstack.com/database/vulnerability/fascinate/wordpress-fascinate-theme-1-0-8-cross-site-scripting-xss-vulnerability?_s_id=cve
- https://patchstack.com/database/vulnerability/glaze-blog-lite/wordpress-glaze-blog-lite-theme-1-1-4-cross-site-scripting-xss-vulnerability
- https://patchstack.com/database/vulnerability/cream-blog/wordpress-cream-blog-theme-2-1-3-cross-site-scripting-xss-vulnerability?_s_id=cve
- https://patchstack.com/database/vulnerability/cream-magazine/wordpress-cream-magazine-theme-2-1-4-cross-site-scripting-xss-vulnerability?_s_id=cve
- https://patchstack.com/database/vulnerability/fascinate/wordpress-fascinate-theme-1-0-8-cross-site-scripting-xss-vulnerability?_s_id=cve
- https://patchstack.com/database/vulnerability/glaze-blog-lite/wordpress-glaze-blog-lite-theme-1-1-4-cross-site-scripting-xss-vulnerability