1 results (0.003 seconds)
CVSS: 6.1EPSS: 0%CPEs: 9EXPL: 1
CVSS: 6.1EPSS: 0%CPEs: 9EXPL: 1CVE-2011-3862 – Morning Coffee < 3.6 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-3862
28 Sep 2011 — Cross-site scripting (XSS) vulnerability in the Morning Coffee theme before 3.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php. vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el tema Morning Coffee anterior a v3.6 para WordPress, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través dePATH_INFO sobre index.php. The Morning Coffee theme for WordPress is vulnerable to Reflected Cross-Site ... • https://www.exploit-db.com/exploits/36186 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •