Cakifo 1.0 – 1.6.1 XSS | CVE 2014-3903

Affects Themes

cakifo

Fixed in 1.6.2

References

CVE

CVE-2014-3903

URL

http://jayj.dk/security/JVN27531188.html

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Submitter

erwanlr

Verified

No

WPVDB ID

97142023-ccad-40f1-b456-78ea50f48d3c

Timeline

Publicly Published

2014-09-17 (about 11 years ago)

Added

2014-09-17 (about 11 years ago)

Last Updated

2019-10-21 (about 6 years ago)

Other

Published

Title

Published

2025-03-26

Title

WP Cassify < 2.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2025-04-02

Title

Awesome Logos <= 1.2 - Reflected Cross-Site Scripting

Published

2014-08-01

Title

DZS Video Gallery - deploy/preview.swf logoLink Parameter Reflected XSS

Published

2024-03-28

Title

Creative Image Slider – Responsive Slider Plugin < 2.5.0 - Reflected Cross-Site Scripting

Published

2024-03-28

Title

Booking Activities < 1.15.20 - Reflected Cross-Site Scripting