CVE-2011-3860

Cross-site scripting XSS vulnerability in the Cover WP theme before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in the Cover WP theme before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter...

CVE-2011-3860

The CVE-2011-3860 entry describes a cross-site scripting (XSS) vulnerability in the WordPress Cover WP theme prior to version 1.6.6. The issue affects the theme’s s parameter, allowing remote attackers to inject arbitrary scripts or HTML. Root cause is improper handling/cleanup of user input in t...

WordPress Cover WP Theme 1.6.5 - Cross Site Scripting

WordPress Cover WP theme's "s" parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal cookie-base...