CVSS: 6.1EPSS: 0%CPEs: 32EXPL: 2CVE-2011-3858 – Pixiv Custom < 2.1.6 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-3858
Cross-site scripting (XSS) vulnerability in the Pixiv Custom theme before 2.1.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter. vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el tema Pixiv Custom anterior a v2.1.6 para WordPress, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro s. Cross-site scripting (XSS) vulnerability in the Pixiv Custom theme before 2.1.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter. • https://www.exploit-db.com/exploits/36185 https://sitewat.ch/en/Advisories/16 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 32EXPL: 2CVE-2011-3850 – Atahualpa < 3.6.8 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-3850
Cross-site scripting (XSS) vulnerability in the Atahualpa theme before 3.6.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter. vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el tema Atahualpa anteriores a v3.6.8 para WordPress, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro s. • https://www.exploit-db.com/exploits/36178 http://secunia.com/advisories/46297 https://sitewat.ch/en/Advisories/8 https://wpvulndb.com/vulnerabilities/9788 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 19EXPL: 1CVE-2011-3864 – The Erudite <= 2.7.8 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-3864
Cross-site scripting (XSS) vulnerability in the The Erudite theme before 2.7.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter. vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el tema The Erudite anteriores a v2.7.9 para WordPress, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro cpage. Cross-site scripting (XSS) vulnerability in the The Erudite theme before 2.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter. • https://sitewat.ch/en/Advisories/23 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 26EXPL: 1CVE-2011-3854 – ZenLite <= 4.3 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-3854
Cross-site scripting (XSS) vulnerability in the ZenLite theme before 4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter. vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el tema ZenLite anteriores a v4.4 para WordPress, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro s. • http://secunia.com/advisories/46296 https://sitewat.ch/en/Advisories/12 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 12EXPL: 0CVE-2012-1068 – WP-RecentComments <= 2.0.6 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2012-1068
Cross-site scripting (XSS) vulnerability in the rc_ajax function in core.php in the WP-RecentComments plugin before 2.0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter, related to AJAX paging. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en la función rc_ajax en core.php en el complemento WP-RecentComments v2.0.7 para WordPress, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro page, relacionado con la paginación AJAX. • http://plugins.trac.wordpress.org/changeset/416723/wp-recentcomments/trunk/core.php?old=316325&old_path=wp-recentcomments%2Ftrunk%2Fcore.php http://secunia.com/advisories/46141 http://wordpress.org/extend/plugins/wp-recentcomments/changelog http://www.osvdb.org/75635 http://www.securityfocus.com/bid/49734 https://exchange.xforce.ibmcloud.com/vulnerabilities/70003 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •