Lucene search
HistorySep 28, 2011 - 10:55 a.m.
CVE-2011-3860
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
56.4%
Cross-site scripting (XSS) vulnerability in the Cover WP theme before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.
Affected configurations
Node
onedesignscover_wpRange≤1.6.5
ORonedesignscover_wpMatch1.1
ORonedesignscover_wpMatch1.2
ORonedesignscover_wpMatch1.3
ORonedesignscover_wpMatch1.4
ORonedesignscover_wpMatch1.4.1
ORonedesignscover_wpMatch1.5
ORonedesignscover_wpMatch1.5.1
ORonedesignscover_wpMatch1.5.2
ORonedesignscover_wpMatch1.5.3
ORonedesignscover_wpMatch1.5.4
ORonedesignscover_wpMatch1.5.5
ORonedesignscover_wpMatch1.5.6
ORonedesignscover_wpMatch1.5.7
ORonedesignscover_wpMatch1.5.8
ORonedesignscover_wpMatch1.5.9
ORonedesignscover_wpMatch1.6
ORonedesignscover_wpMatch1.6.1
ORonedesignscover_wpMatch1.6.2
ORonedesignscover_wpMatch1.6.3
ORonedesignscover_wpMatch1.6.4
wordpresswordpress
Related
cve
cve
CVE-2011-3860
2011-09-28 10:55:04
cvelist
cvelist
CVE-2011-3860
2011-09-28 10:00:00
patchstack
patchstack
WordPress Cover WP Theme 1.6.5 - Cross Site Scripting
2011-09-24 00:00:00
prion
prion
Cross site scripting
2011-09-28 10:55:00
wpvulndb
wpvulndb
Cover WP < 1.6.6 - XSS
2011-10-24 00:00:00
openvas
openvas
WordPress Multiple Themes 's' Parameter Cross Site Scripting Vulnerabilities
2011-10-04 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
56.4%
Related for NVD:CVE-2011-3860