ThreatPress

WordPress Vulnerabilities Database

Back

WordPress WooThemes Live Wire theme - Cross-Site Scripting

Product
Live Wire
Description
WordPress WooThemes Live Wire theme is prone to a cross-site scripting vulnerability. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal cookie-based authentication credentials. Other attacks are also possible.
Solution
Update the theme.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In 1.0
Fixed In 1.1
Disclosure date
2011-06-06
Credits
MustLive