{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23973", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-01-19T16:14:52.937Z", "datePublished": "2026-03-25T16:14:30.420Z", "dateUpdated": "2026-03-25T20:23:33.815Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "golo", "product": "Golo", "vendor": "uxper", "versions": [{"changes": [{"at": "1.7.5", "status": "unaffected"}], "lessThanOrEqual": "< 1.7.5", "status": "affected", "version": "n/a", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Jo\u00e3o Pedro S Alc\u00e2ntara (Kinorth) | Patchstack Bug Bounty Program"}], "datePublic": "2026-03-25T17:12:13.185Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Golo golo allows Reflected XSS.<p>This issue affects Golo: from n/a through < 1.7.5.</p>"}], "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Golo golo allows Reflected XSS.This issue affects Golo: from n/a through < 1.7.5."}], "impacts": [{"capecId": "CAPEC-591", "descriptions": [{"lang": "en", "value": "Reflected XSS"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-25T16:14:30.420Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Theme/golo/vulnerability/wordpress-golo-theme-1-7-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve"}], "title": "WordPress Golo theme < 1.7.5 - Reflected Cross Site Scripting (XSS) vulnerability"}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-23973", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-25T20:18:01.699958Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-25T20:23:33.815Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-23973", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-25T20:18:01.699958Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-25T20:18:03.308Z"}}], "cna": {"title": "WordPress Golo theme < 1.7.5 - Reflected Cross Site Scripting (XSS) vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Jo\u00e3o Pedro S Alc\u00e2ntara (Kinorth) | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-591", "descriptions": [{"lang": "en", "value": "Reflected XSS"}]}], "affected": [{"vendor": "uxper", "product": "Golo", "versions": [{"status": "affected", "changes": [{"at": "1.7.5", "status": "unaffected"}], "version": "n/a", "versionType": "custom", "lessThanOrEqual": "< 1.7.5"}], "packageName": "golo", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-03-25T17:12:13.185Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Theme/golo/vulnerability/wordpress-golo-theme-1-7-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Golo golo allows Reflected XSS.This issue affects Golo: from n/a through < 1.7.5.", "supportingMedia": [{"type": "text/html", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Golo golo allows Reflected XSS.<p>This issue affects Golo: from n/a through < 1.7.5.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-25T16:14:30.420Z"}}}, "cveMetadata": {"cveId": "CVE-2026-23973", "state": "PUBLISHED", "dateUpdated": "2026-03-25T20:23:33.815Z", "dateReserved": "2026-01-19T16:14:52.937Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-03-25T16:14:30.420Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Golo golo allows Reflected XSS.This issue affects Golo: from n/a through < 1.7.5."}], "id": "CVE-2026-23973", "lastModified": "2026-03-25T21:16:30.900", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-25T17:16:36.420", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Theme/golo/vulnerability/wordpress-golo-theme-1-7-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-03-25T19:53:25.925789+00:00", "value": {"mitigation_remediation": ["Update Golo theme to version 1.7.5 or later.", "Verify that the update was fully applied.", "Add a Content\u2011Security\u2011Policy header to restrict script sources.", "If upgrade is not feasible, implement server\u2011side input sanitization or use a WordPress plugin that escapes output.", "Monitor logs for suspicious query strings and block repeat offenders via firewall or WAF."], "summary": {"action": "Patch", "impact": "Cross\u2011Site Scripting"}, "threat_synthesis": {"affected_systems": "The vulnerable asset is the uxper Golo theme for WordPress. Any release before version 1.7.5 is affected, as the input handling does not escape reflected data. The problem exists across all earlier iterations of the theme.", "description_and_impact": "The Golo WordPress theme contains a flaw that allows unsanitized user input to be reflected in the generated page. This permits attackers to inject malicious scripts that execute in the victim\u2019s browser, potentially leading to credential theft, session hijacking, defacement, or other malicious actions. The weakness is a classic input validation error classified as CWE\u201179.", "risk_and_exploitability": "The flaw can be exploited remotely by forging a URL or form that contains malicious payloads. No authentication is needed, so any user visiting the crafted link is at risk. The vulnerability carries a high potential impact on confidentiality, integrity, and availability for site visitors. While the exact CVSS score is not listed, the threat is significant. The likelihood of exploitation is not quantified, but the simplicity of the attack vector suggests a high probability of use. The vulnerability is not noted in CISA\u2019s Known Exploited Vulnerabilities catalog."}}}}, "created": "2026-03-25T21:34:56.505964+00:00", "updated": "2026-03-25T21:34:56.505987+00:00", "vendors": []}