CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 2CVE-2011-3865 – Black-Letterhead <= 1.5 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-3865
Cross-site scripting (XSS) vulnerability in the Black-LetterHead theme before 1.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php. vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el tema Black-LetterHead anterior a v1.6 para WordPress, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de PATH_INFO sobre index.php. • https://www.exploit-db.com/exploits/36187 https://sitewat.ch/en/Advisories/24 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 19EXPL: 1CVE-2011-3864 – The Erudite <= 2.7.8 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-3864
Cross-site scripting (XSS) vulnerability in the The Erudite theme before 2.7.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter. vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el tema The Erudite anteriores a v2.7.9 para WordPress, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro cpage. Cross-site scripting (XSS) vulnerability in the The Erudite theme before 2.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter. • https://sitewat.ch/en/Advisories/23 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 26EXPL: 2CVE-2011-3863 – RedLine < 1.66 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-3863
Cross-site scripting (XSS) vulnerability in the RedLine theme before 1.66 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter. vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el tema RedLine anteriores a v1.66 para WordPress, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro s. • https://www.exploit-db.com/exploits/36191 https://sitewat.ch/en/Advisories/22 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 1CVE-2011-3853 – Hybrid < 0.10 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-3853
Cross-site scripting (XSS) vulnerability in the Hybrid theme before 0.10 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter. vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el tema Hybrid anteriores a v0.10 para WordPress , permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro cpage. • https://sitewat.ch/en/Advisories/11 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 2CVE-2011-3855 – F8 Lite <= 4.2.1 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-3855
Cross-site scripting (XSS) vulnerability in the F8 Lite theme before 4.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter. vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el tema F8 Lite anteriores a v4.2.2 para WordPress, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro s. • https://www.exploit-db.com/exploits/36180 https://sitewat.ch/en/Advisories/13 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •