WordPress Nyla Theme Cross-Site Scripting Vulnerability

Vulnerability

A cross-site scripting vulnerability has been identified in the WordPress Nyla theme, specifically in versions through 1.7. This issue arises from improper handling of script-related HTML tags, allowing for code injection. Attackers could exploit this vulnerability to inject malicious content, potentially leading to phishing attacks by embedding deceptive pages within the victim's website.

Impact

Exploitation of this vulnerability could result in unauthorized code execution on the affected website, allowing attackers to inject and execute malicious scripts that could be used to compromise the site or its users.

Added: May 26, 2026, 5:13 PM

Updated: May 26, 2026, 5:13 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.7

exploitability

6.6

remediation

0.0

relevance

9.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.7

exploitability

6.6

remediation

0.0

relevance

9.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WordPress Nyla Theme Cross-Site Scripting Vulnerability

Vulnerability

Impact

Affected Products

SpabRice Nyla

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating