TechOne Website May Inject Malicious Code

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

TechOne Website May Inject Malicious Code

CVE-2026-39625

Summary

A security issue in TechOne, a website theme, could allow an attacker to inject malicious code into TechOne websites. This could happen when a user visits a specially crafted website, potentially allowing the attacker to steal sensitive information or take control of the website. Update to the latest version of TechOne, 3.0.4 or later, to fix this issue.

Original title

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes TechOne techone allows Code Injection.This issue affects TechOne: from n/a through <= 3.0.3.

Original description

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes TechOne techone allows Code Injection.This issue affects TechOne: from n/a through <= 3.0.3.

Vulnerability type

CWE-80 Basic XSS

https://patchstack.com/database/Wordpress/Theme/techone/vulnerability/wordpress-...

Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 8 Apr 2026