CVE-2017-20088 – Atahualpa Theme cross-site request forgery
https://notcve.org/view.php?id=CVE-2017-20088
A vulnerability classified as problematic has been found in Atahualpa Theme. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. Se ha encontrado una vulnerabilidad clasificada como problemática en Atahualpa Theme. • http://seclists.org/fulldisclosure/2017/Feb/90 https://vuldb.com/?id.97380 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2017-20085 – Atahualpa Theme cross site scriting
https://notcve.org/view.php?id=CVE-2017-20085
A vulnerability has been found in Atahualpa Theme and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to basic cross site scripting. The attack can be launched remotely. Se ha encontrado una vulnerabilidad en Atahualpa Theme y ha sido clasificada como problemática. • http://seclists.org/fulldisclosure/2017/Feb/83 https://vuldb.com/?id.97375 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVE-2011-3850 – Atahualpa < 3.6.8 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-3850
Cross-site scripting (XSS) vulnerability in the Atahualpa theme before 3.6.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter. vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el tema Atahualpa anteriores a v3.6.8 para WordPress, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro s. • https://www.exploit-db.com/exploits/36178 http://secunia.com/advisories/46297 https://sitewat.ch/en/Advisories/8 https://wpvulndb.com/vulnerabilities/9788 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •