Lucene search
HistoryJan 13, 2015 - 3:59 p.m.
CVE-2014-100016
xss
vulnerability
photocrati
wordpress
cve-2014-100016
web script
html
5.9 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
75.6%
Cross-site scripting (XSS) vulnerability in photocrati-gallery/ecomm-sizes.php in the Photocrati theme for WordPress allows remote attackers to inject arbitrary web script or HTML via the prod_id parameter.
Affected configurations
Node
photocati_mediaphotocratiwordpress
| CPE | Name | Operator | Version |
|---|---|---|---|
| photocati_media:photocrati | photocati media photocrati | eq | * |
Related
wpvulndb
wpvulndb
Photocrati Theme 4.7.3 - Reflected Cross-Site Scripting (XSS)
2014-01-29 00:00:00
prion
prion
Cross site scripting
2015-01-13 15:59:00
openvas
openvas
WordPress Photocrati Theme 'prod_id' XSS Vulnerability
2015-01-22 00:00:00
cvelist
cvelist
CVE-2014-100016
2015-01-13 15:00:00
nvd
nvd
CVE-2014-100016
2015-01-13 15:59:04
patchstack
patchstack
WordPress Photocrati Theme - Cross Site Scripting
2015-01-13 00:00:00
5.9 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
75.6%
Related for CVE-2014-100016