ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Custom Community Theme <= 2.0.24 - Stored XSS

Product
Custom Community
Description
Because of this vulnerability, any user can perform a stored XSS attack.
Solution
Update the theme.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Research-G0blin
CVE
Name CVE-N/A
Versions
Affected In <= 2.0.24
Fixed In 2.0.25
Disclosure date
2015-03-09
Submitter
ThreatPress