CVE-2023-3708

6.1 MEDIUM

📋 TL;DR

This vulnerability allows unauthenticated attackers to perform reflected cross-site scripting (XSS) attacks via breadcrumb functionality in several DeoThemes WordPress themes. Attackers can inject malicious scripts that execute when users click specially crafted links, potentially stealing session cookies or performing actions on behalf of the user. WordPress sites using vulnerable DeoThemes themes are affected.

💻 Affected Systems

Products:
  • DeoThemes WordPress themes (Medikaid, Arendelle, Amela, Everse)
Versions: Before the patches applied in changesets 196755-196758
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects WordPress installations using vulnerable DeoThemes themes. The vulnerability is in theme code, not WordPress core.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers steal administrator session cookies, gain administrative access to WordPress, install backdoors, deface websites, or exfiltrate sensitive data.

🟠 Likely Case

Attackers steal user session cookies, perform actions on behalf of users, redirect to malicious sites, or display phishing content.

🟢 If Mitigated

Script execution is prevented by browser security features like Content Security Policy (CSP) or input validation at other layers.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Reflected XSS vulnerabilities are commonly exploited and require minimal technical skill. Attackers need to trick users into clicking malicious links.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patched versions available via WordPress theme repository updates

Vendor Advisory: https://deothemes.com/changelog/medikaid-changelog/

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Appearance > Themes.
3. Check for updates for the affected DeoThemes themes.
4. Apply the available updates.
5. Clear any caching plugin/CDN caches.

🔧 Temporary Workarounds

Temporary Input Sanitization (applies to: all)

Add custom sanitization to the breadcrumb functions in the theme files: edit the theme PHP files to wrap breadcrumb output in esc_html() or esc_attr(), choosing esc_attr() for values emitted inside HTML attributes.

Content Security Policy (applies to: all)

Implement CSP headers to restrict script execution: add the header "Content-Security-Policy: default-src 'self'; script-src 'self'" to the web server configuration. This policy also blocks inline scripts, which many WordPress themes and plugins rely on, so test it on the site before enforcing it.

🧯 If You Can't Patch

  • Switch to a different WordPress theme temporarily
  • Implement web application firewall (WAF) rules to block XSS payloads in breadcrumb parameters

🔍 How to Verify

Check if Vulnerable:

Check WordPress theme versions in Appearance > Themes. If using Medikaid, Arendelle, Amela, or Everse themes from DeoThemes, verify version numbers against patched changesets.

Check Version:

Run wp theme list --fields=name,status,version (if WP-CLI is installed), or check Appearance > Themes in the WordPress admin.

Verify Fix Applied:

After updating, test breadcrumb functionality with XSS payloads like <script>alert('test')</script> in URL parameters to confirm sanitization.

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests with script tags or JavaScript in breadcrumb-related parameters
  • Unusual referrer headers containing malicious payloads

Network Indicators:

  • Outbound connections to suspicious domains following XSS execution
  • Unexpected POST requests from user sessions

SIEM Query:

web_access_logs WHERE (url_query CONTAINS '<script' OR url_query CONTAINS 'javascript:') AND url_path CONTAINS 'breadcrumb'
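The SIEM query above expressed as runnable detection logic, as an added example that is not part of the original advisory. It goes slightly beyond the query: it URL-decodes the query string before matching (payloads in access logs are usually percent-encoded) and treats a request as breadcrumb-related if "breadcrumb" appears in the path or in a parameter name. The log lines and the parameter names in them are constructed, not taken from a real site or the themes' code.

```python
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Constructed sample access-log lines in Apache/nginx "combined" format (not real traffic).
# Parameter names such as "breadcrumb" are hypothetical placeholders.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Jul/2023:10:00:01 +0000] "GET /blog/post-1/?breadcrumb=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.6 - - [10/Jul/2023:10:00:02 +0000] "GET /blog/post-1/?breadcrumb=Home HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Jul/2023:10:00:03 +0000] "GET /search/?q=%3Cscript%3E HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.8 - - [10/Jul/2023:10:00:04 +0000] "GET /services/?breadcrumb_title=javascript%3Aalert(1) HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
SCRIPT_MARKERS = ("<script", "javascript:")


def is_suspicious(line: str) -> bool:
    """True when the request carries a script marker AND is breadcrumb-related.

    The parentheses in the SIEM query matter: without them the 'javascript:'
    clause alone would be tied to the breadcrumb condition, and any '<script'
    anywhere on the site would fire.
    """
    m = LOG_RE.match(line)
    if not m:
        return False
    parts = urlsplit(m.group("target"))
    path = unquote_plus(parts.path).lower()
    # Decode once; double-encoded payloads would need a second pass (not handled here).
    decoded_query = unquote_plus(parts.query).lower()
    params = parse_qsl(parts.query, keep_blank_values=True)
    has_marker = any(marker in decoded_query for marker in SCRIPT_MARKERS)
    breadcrumb_related = "breadcrumb" in path or any(
        "breadcrumb" in name.lower() for name, _ in params
    )
    return has_marker and breadcrumb_related


def find_suspicious(log_text: str) -> list[tuple[str, str]]:
    """Return (client_ip, request_target) for every matching log line."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m and is_suspicious(line):
            hits.append((m.group("ip"), m.group("target")))
    return hits


if __name__ == "__main__":
    for ip, target in find_suspicious(SAMPLE_LOG):
        print(f"ALERT {ip} {target}")
```

The third sample line carries a script tag but is not breadcrumb-related, so it is deliberately not flagged; a query with the AND/OR precedence left ambiguous would have matched it.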
