CVE-2026-25353
Reflected XSS in Nooni < 1.5.1 Enables Web Attacks
Publication date: 2026-03-25
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| skygroup | nooni | to 1.5.1 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify how the CVE-2026-25353 vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
CVE-2026-25353 is a medium priority Cross Site Scripting (XSS) vulnerability affecting the WordPress Nooni Theme versions prior to 1.5.1.
This vulnerability allows attackers to inject malicious scriptsβsuch as redirects, advertisements, or other HTML payloadsβinto websites using the vulnerable theme.
These malicious scripts execute when visitors access the compromised site, potentially causing harm or unauthorized actions.
The vulnerability falls under the OWASP Top 10 category A3: Injection and has a CVSS score of 7.1, indicating moderate severity.
Exploitation requires user interaction by a privileged user, such as clicking a malicious link, visiting a crafted page, or submitting a form, although the initial attack vector can be initiated without authentication.
A patch fixing this issue was released in version 1.5.1 of the Nooni Theme.
How can this vulnerability impact me? :
This vulnerability can impact you by allowing attackers to inject and execute malicious scripts on your website.
Such scripts can perform unauthorized actions like redirecting visitors to malicious sites, displaying unwanted advertisements, or stealing sensitive information.
Because the scripts execute in the context of your website, visitors may be exposed to phishing, malware, or other attacks.
The vulnerability can lead to loss of user trust, damage to your website's reputation, and potential compromise of user data.
Attackers can exploit this vulnerability without authentication, increasing the risk of widespread exploitation.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is a reflected Cross Site Scripting (XSS) issue in the WordPress Nooni Theme versions prior to 1.5.1. Detection typically involves identifying malicious script injections in web requests or responses related to the vulnerable theme.
While specific commands are not provided, common detection methods include monitoring HTTP requests and responses for suspicious script payloads, using web vulnerability scanners that detect reflected XSS, or employing intrusion detection systems with rules targeting this vulnerability.
Patchstack provides mitigation rules to block attacks targeting this vulnerability, which may include signature-based detection rules that can be integrated into web application firewalls or IDS/IPS systems.
What immediate steps should I take to mitigate this vulnerability?
The immediate and most effective step to mitigate this vulnerability is to update the WordPress Nooni Theme to version 1.5.1 or later, where the issue has been patched.
Until the update can be applied, users are advised to implement the mitigation rules provided by Patchstack to block attacks targeting this vulnerability.
Additionally, monitoring for suspicious activity and restricting user interactions that could trigger the reflected XSS (such as clicking on untrusted links or submitting untrusted forms) can help reduce risk.