EUVD-2016-1944

Malware in sbrugna...

CVE-2016-10953

The Headway theme before 3.8.9 for WordPress has XSS via the license key field...

WordPress Headway theme cross-site scripting vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress Headway theme versions prior to 3.8.9. The...

CVE-2016-10953

The Headway theme before 3.8.9 for WordPress has XSS via the license key field...

CVE-2016-10953

The Headway theme before 3.8.9 for WordPress has XSS via the license key field...

Design/Logic Flaw

The Headway theme before 3.8.9 for WordPress has XSS via the license key field...

CVE-2016-10953

The Headway theme before 3.8.9 for WordPress has XSS via the license key field...

CVE-2016-10953

The CVE-2016-10953 entry concerns an XSS flaw in the WordPress Headway theme, fixed in versions prior to 3.8.9. Affected component: Headway theme license key field. Root cause: lack of input validation/encoding in the license key handling leading to cross-site scripting. Impact: enables injection...

PT-2019-7746 · Headway · Headway

Name of the Vulnerable Software and Affected Versions: Headway theme versions prior to 3.8.9 Description: The issue concerns a Cross-Site Scripting XSS flaw. This type of flaw occurs when an application includes user input in its output without proper validation or encoding, allowing an attacker ...