ThreatPress

WordPress Vulnerabilities Database

Back

WordPress SimpleDark Theme <= 1.2.10 - XSS

Product
SimpleDark
Description
This WordPress theme is prone to a cross-site scripting (XSS) vulnerability via "s" parameter. It allows remote attackers to inject arbitrary script or HTML.
Solution
Update the theme.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Security Focus
CVE
Name CVE-N/A
Versions
Affected In <= 1.2.10
Fixed In 1.2.11
Disclosure date
2014-08-01
Credits
jabdah