CitiLights — Vulnerabilities & Security Advisories 3

All 3 CVE vulnerabilities found in CitiLights, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Paused
CVE-2026-24973	WordPress CitiLights theme <= 3.7.1 - Reflected Cross Site Scripting (XSS) vulnerability CWE-79	7.1	High	2026-03-25
CVE-2026-24974	WordPress CitiLights theme <= 3.7.1 - PHP Object Injection vulnerability CWE-502	8.8	High	2026-03-25
CVE-2026-25367	WordPress CitiLights theme < 3.7.2 - Broken Access Control vulnerability CWE-862	8.2^AI	High^AI	2026-02-19

All 3 known CVE vulnerabilities affecting CitiLights with full Chinese analysis, references, and POCs where available.