Lucene search
K

33 matches found

Positive Technologies
Positive Technologies
added 2024/02/23 12:0 a.m.4 views

PT-2024-17972 · WordPress · Colibri Wp

Name of the Vulnerable Software and Affected Versions: Colibri WP theme for WordPress versions up to, and including, 1.0.94 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the colibriwp install plugin function. This allows...

4.3CVSS5.3AI score0.00212EPSS
Exploits0References5
CNVD
CNVD
added 2017/01/16 12:0 a.m.2 views

WordPress Cross-Site Scripting Vulnerability (CNVD-2017-00615)

WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the theme-namefallback feature of the...

6.1CVSS5.8AI score0.02436EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/01/15 2:59 a.m.28 views

CVE-2017-5490

Cross-site scripting XSS vulnerability in the theme-name fallback functionality in wp-includes/class-wp-theme.php in WordPress before 4.7.1 allows remote attackers to inject arbitrary web script or HTML via a crafted directory name of a theme, related to...

6.1CVSS7AI score0.02436EPSS
Exploits0References8
securityvulns
securityvulns
added 2013/07/08 12:0 a.m.51 views

FPD, XSS and CS vulnerabilities in Slash WP theme for WordPress

Hello 3APA3A! I want to warn you about multiple vulnerabilities in Slash WP theme for WordPress. This is commercial theme for WP. These are Full path disclosure, Cross-Site Scripting and Content Spoofing vulnerabilities. ------------------------- Affected products: -------------------------...

6AI score
Exploits0
0day.today
0day.today
added 2013/06/22 12:0 a.m.25 views

WordPress Slash Theme XSS / Spoofing / Disclosure Vulnerabilities

The Slash theme for WordPress suffers from cross site scripting, content spoofing, and path disclosure vulnerabilities. Hello list! I want to warn you about multiple vulnerabilities in Slash WP theme for WordPress. This is commercial theme for WP. These are Full path disclosure, Cross-Site...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2013/06/21 12:0 a.m.45 views

WordPress Slash Theme XSS / Spoofing / Disclosure

Hello list! I want to warn you about multiple vulnerabilities in Slash WP theme for WordPress. This is commercial theme for WP. These are Full path disclosure, Cross-Site Scripting and Content Spoofing vulnerabilities. ------------------------- Affected products: -------------------------...

Exploits0
securityvulns
securityvulns
added 2013/02/04 12:0 a.m.53 views

Multiple vulnerabilities in Chocolate WP theme for WordPress

Hello 3APA3A! I want to warn you about multiple vulnerabilities in Chocolate WP theme for WordPress. This is commercial theme for WP. These are Cross-Site Scripting, Full path disclosure, Abuse of Functionality, Denial of Service and Arbitrary File Upload vulnerabilities. In 2011 I wrote about...

0.9AI score
Exploits0
0day.today
0day.today
added 2013/01/24 12:0 a.m.23 views

WordPress Chocolate WP Theme Multiple vulnerabilities

These are Cross-Site Scripting, Full path disclosure, Abuse of Functionality, Denial of Service and Arbitrary File Upload vulnerabilities. Hello list! I want to warn you about multiple vulnerabilities in Chocolate WP theme for WordPress. This is commercial theme for WP. These are Cross-Site...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2013/01/23 12:0 a.m.26 views

WordPress Chocolate Theme XSS / Denial Of Service / Shell Upload

Hello list! I want to warn you about multiple vulnerabilities in Chocolate WP theme for WordPress. This is commercial theme for WP. These are Cross-Site Scripting, Full path disclosure, Abuse of Functionality, Denial of Service and Arbitrary File Upload vulnerabilities. In 2011 I wrote about...

Exploits0
NVD
NVD
added 2011/09/28 10:55 a.m.25 views

CVE-2011-3860

Cross-site scripting XSS vulnerability in the Cover WP theme before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter...

4.3CVSS5.8AI score0.03407EPSS
Exploits1References2
Prion
Prion
added 2011/09/28 10:55 a.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Cover WP theme before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter...

4.3CVSS6.2AI score0.03407EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2011/09/28 10:0 a.m.48 views

CVE-2011-3860

The CVE-2011-3860 entry describes a cross-site scripting (XSS) vulnerability in the WordPress Cover WP theme prior to version 1.6.6. The issue affects the theme’s s parameter, allowing remote attackers to inject arbitrary scripts or HTML. Root cause is improper handling/cleanup of user input in t...

4.3CVSS5.9AI score0.03407EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2011/09/24 12:0 a.m.21 views

WordPress Cover WP Theme 1.6.5 - Cross Site Scripting

WordPress Cover WP theme's "s" parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal cookie-base...

4.3CVSS2.7AI score0.03407EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder