All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-57737
MEDIUMpublished 2026-07-01 18:16 UTC · 3 days ago · modified 2026-07-02 13:16 UTC
6.5
CVSS / 10
// description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Averta LTD Shortcodes and extra features for Phlox theme allows DOM-Based XSS. This issue affects Shortcodes and extra features for Phlox theme: from n/a through 2.17.16.
// weaknesses (CWE)
- CWE-79