Lucene search
HistorySep 28, 2011 - 10:55 a.m.
CVE-2011-3856
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.002
Percentile
54.4%
Cross-site scripting (XSS) vulnerability in the Elegant Grunge theme before 1.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.
Affected configurations
Node
atastypixelelegant_grungeRange≤1.0.3
ORatastypixelelegant_grungeMatch0.1
ORatastypixelelegant_grungeMatch0.2
ORatastypixelelegant_grungeMatch0.2.1
ORatastypixelelegant_grungeMatch0.2.2
ORatastypixelelegant_grungeMatch0.3
ORatastypixelelegant_grungeMatch0.4.1
ORatastypixelelegant_grungeMatch0.4.2
ORatastypixelelegant_grungeMatch0.4.3
ORatastypixelelegant_grungeMatch0.4.4
ORatastypixelelegant_grungeMatch0.4.5
ORatastypixelelegant_grungeMatch1.0
ORatastypixelelegant_grungeMatch1.0.1
ORatastypixelelegant_grungeMatch1.0.2
wordpresswordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| atastypixel | elegant_grunge | * | cpe:2.3:a:atastypixel:elegant_grunge:*:*:*:*:*:*:*:* |
| atastypixel | elegant_grunge | 0.1 | cpe:2.3:a:atastypixel:elegant_grunge:0.1:*:*:*:*:*:*:* |
| atastypixel | elegant_grunge | 0.2 | cpe:2.3:a:atastypixel:elegant_grunge:0.2:*:*:*:*:*:*:* |
| atastypixel | elegant_grunge | 0.2.1 | cpe:2.3:a:atastypixel:elegant_grunge:0.2.1:*:*:*:*:*:*:* |
| atastypixel | elegant_grunge | 0.2.2 | cpe:2.3:a:atastypixel:elegant_grunge:0.2.2:*:*:*:*:*:*:* |
| atastypixel | elegant_grunge | 0.3 | cpe:2.3:a:atastypixel:elegant_grunge:0.3:*:*:*:*:*:*:* |
| atastypixel | elegant_grunge | 0.4.1 | cpe:2.3:a:atastypixel:elegant_grunge:0.4.1:*:*:*:*:*:*:* |
| atastypixel | elegant_grunge | 0.4.2 | cpe:2.3:a:atastypixel:elegant_grunge:0.4.2:*:*:*:*:*:*:* |
| atastypixel | elegant_grunge | 0.4.3 | cpe:2.3:a:atastypixel:elegant_grunge:0.4.3:*:*:*:*:*:*:* |
| atastypixel | elegant_grunge | 0.4.4 | cpe:2.3:a:atastypixel:elegant_grunge:0.4.4:*:*:*:*:*:*:* |
References
Related
cvelist
cvelist
CVE-2011-3856
2011-09-28 10:00:00
wpvulndb
wpvulndb
Elegant Grunge 1.0.3 - s Parameter XSS
2014-08-01 10:59:25
cve
cve
CVE-2011-3856
2011-09-28 10:55:04
prion
prion
Cross site scripting
2011-09-28 10:55:00
patchstack
patchstack
WordPress Elegant Grunge Theme 1.0.3 - Cross Site Scripting
2011-09-29 00:00:00
exploitdb
exploitdb
WordPress Theme Elegant Grunge 1.0.3 - 's' Cross-Site Scripting
2011-09-29 00:00:00
openvas
openvas
WordPress Multiple Themes 's' Parameter Cross Site Scripting Vulnerabilities
2011-10-04 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.002
Percentile
54.4%
Related for NVD:CVE-2011-3856