RadiusTheme Metro: Attackers can inject malicious code into your website

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.1

RadiusTheme Metro: Attackers can inject malicious code into your website

CVE-2026-27382

Summary

The RadiusTheme Metro theme has a security issue that allows hackers to inject malicious code into your website. This means that if you're using this theme, you might be putting your website and visitors at risk. Update to the latest version of the theme to fix this issue.

Original title

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RadiusTheme Metro metro allows DOM-Based XSS.This issue affects Metro: from n/a through <= 2.13.

Original description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RadiusTheme Metro metro allows DOM-Based XSS.This issue affects Metro: from n/a through <= 2.13.

Vulnerability type

CWE-79 Cross-site Scripting (XSS)

https://patchstack.com/database/Wordpress/Theme/metro/vulnerability/wordpress-me...

Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026