Themes Vulnerabilities

Salutation Responsive WordPress + BuddyPress Theme <= 3.0.15 - Stored XSS

Description

The salutation-wp WordPress theme was affected by a Stored XSS security vulnerability.

Affects Themes

salutation-wp
Fixed in 3.0.16

References

URL
https://advisories.dxw.com/advisories/stored-xss-salutation-theme/
URL
https://seclists.org/fulldisclosure/2017/Jul/92

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
6f9188f8-063d-4d46-bcf3-3aa55d0cbd5f

Timeline

Publicly Published
2017-07-31 (about 8 years ago)
Added
2017-08-01 (about 8 years ago)
Last Updated
2019-11-01 (about 6 years ago)

Other

Published
Title
Published
2023-03-20
Title
Auto Rename Media On Upload < 1.1.0 - Admin+ Stored XSS
Published
2024-07-11
Title
JavaScript Logic <= 0.1 - CSRF to Stored XSS
Published
2023-01-20
Title
Media Library Categories < 2.0.0 - Admin+ Stored XSS
Published
2014-12-12
Title
Simple Visitor Stat <= 1.0 - Multiple XSS
Published
2024-03-25
Title
FlatPM < 3.1.05 - Authenticated (Contributor+) Stored Cross-Site Scripting