CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2017-20088 – Atahualpa Theme cross-site request forgery
https://notcve.org/view.php?id=CVE-2017-20088
23 Jun 2022 — A vulnerability classified as problematic has been found in Atahualpa Theme. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. Se ha encontrado una vulnerabilidad clasificada como problemática en Atahualpa Theme. • http://seclists.org/fulldisclosure/2017/Feb/90 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2017-20085 – Atahualpa Theme cross site scriting
https://notcve.org/view.php?id=CVE-2017-20085
23 Jun 2022 — A vulnerability has been found in Atahualpa Theme and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to basic cross site scripting. The attack can be launched remotely. Se ha encontrado una vulnerabilidad en Atahualpa Theme y ha sido clasificada como problemática. • http://seclists.org/fulldisclosure/2017/Feb/83 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVSS: 6.1EPSS: 1%CPEs: 32EXPL: 2CVE-2011-3850 – Atahualpa < 3.6.8 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-3850
28 Sep 2011 — Cross-site scripting (XSS) vulnerability in the Atahualpa theme before 3.6.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter. vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el tema Atahualpa anteriores a v3.6.8 para WordPress, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro s. • https://www.exploit-db.com/exploits/36178 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •