WordPress Cakifo Theme <= 1.6.1 - XSS

2014-05-2700:00:00

Yuji Tounai

patchstack.com

EPSS

0.001

Percentile

46.4%

Because of this vulnerability, authenticated users can inject arbitrary web script or HTML via crafted Exif data.

Solution

           Update the theme.

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3903

EPSS

0.001

Percentile

46.4%

Related for PATCHSTACK:1AFB158E96004068B4680B44BDBAE847