Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.1
WordPress SOHO Theme Allows Hackers to Run Malicious Code on Your Site
CVE-2025-69368
Summary
The SOHO - Photography WordPress Theme has a security issue that allows hackers to inject malicious code into your website. This could lead to unauthorized actions being performed on your site. Update the theme to the latest version (3.0.4 or later) to fix this issue.
Original title
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GT3themes SOHO - Photography WordPress Theme soho allows DOM-Based XSS.This issue affects SOHO ...
Original description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GT3themes SOHO - Photography WordPress Theme soho allows DOM-Based XSS.This issue affects SOHO - Photography WordPress Theme: from n/a through <= 3.0.3.
nvd CVSS3.1
7.1
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026