PT-2011-4727 · WordPress · Wordpress News Theme
Name of the Vulnerable Software and Affected Versions: WordPress News theme version prior to 0.2 Description: A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via the cpage parameter. This can lead to the execution of malicious scripts on the client-side...