Themes Vulnerabilities

Atahualpa Theme - Authenticated Cross-Site Scripting (XSS)

Description

The Atahualpa WordPress theme was affected by an Authenticated Cross-Site Scripting (XSS) security vulnerability.

Affects Themes

atahualpa
No known fix

References

URL
https://sumofpwn.nl/advisory/2016/cross_site_scripting_in_atahualpa_wordpress_theme.html
URL
https://seclists.org/fulldisclosure/2017/Feb/83

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
215dd32d-3bf9-46e7-aa20-7e3f1847b49e

Timeline

Publicly Published
2017-03-01 (about 9 years ago)
Added
2017-03-02 (about 9 years ago)
Last Updated
2019-11-01 (about 6 years ago)

Other

Published
Title
Published
2023-12-29
Title
Auto Amazon Links < 5.1.2 - Contributor+ Stored XSS
Published
2025-01-07
Title
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates < 5.1.1 - Authenticated (Admin+) Stored Cross-Site Scripting
Published
2024-05-03
Title
Swift Framework <= 2.7.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcodes
Published
2024-11-21
Title
MailMunch – Grow your Email List < 3.2.0 - Reflected Cross-Site Scripting
Published
2024-07-19
Title
WP eStore < 8.5.6 - Reflected XSS in Product Editing