EUVD-2014-3840

Malware in sbrugna...

Cakifo 1.0 - 1.6.1 XSS

The Cakifo WordPress theme was affected by a 1.6.1 XSS security vulnerability...

CVE-2014-3903

Cross-site scripting XSS vulnerability in the Cakifo theme 1.x before 1.6.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via crafted Exif data...

Cross site scripting

Cross-site scripting XSS vulnerability in the Cakifo theme 1.x before 1.6.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via crafted Exif data...

CVE-2014-3903

Cross-site scripting XSS vulnerability in the Cakifo theme 1.x before 1.6.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via crafted Exif data...

CVE-2014-3903

The CVE-2014-3903 issue affects the WordPress Cakifo theme (1.x) before 1.6.2. The vulnerability is a cross-site scripting (XSS) flaw that lets remote authenticated users inject arbitrary web script or HTML via crafted Exif data. The underlying risk comes from the theme’s handling of Exif metadat...

Cakifo vulnerable to cross-site scripting

Overview Cakifo is a theme for WordPress. Cakifo contains a cross-site scripting vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be executed on...

JVN#27531188: Cakifo vulnerable to cross-site scripting

Cakifo is a theme for WordPress. Cakifo contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the theme Update to the latest version according to the information provided by the developer. Products Affected Cakifo 1.0 ...

WordPress Cakifo Theme <= 1.6.1 - XSS

Because of this vulnerability, authenticated users can inject arbitrary web script or HTML via crafted Exif data. Solution Update the theme...