Themes Vulnerabilities

Zenlite < 4.4 - XSS

Description

The ZenLite WordPress theme was affected by a XSS security vulnerability.

Affects Themes

zenlite
Fixed in 4.4

References

CVE
CVE-2011-3854

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Verified
No
WPVDB ID
bf122303-87eb-4012-9c4c-28d95f3bf818

Timeline

Publicly Published
2011-09-27 (about 14 years ago)
Added
2019-08-23 (about 6 years ago)
Last Updated
2019-11-28 (about 6 years ago)

Other

Published
Title
Published
2025-04-11
Title
Real Testimonials < 3.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2023-01-03
Title
PDF Viewer < 1.0.0 - Contributor+ Stored XSS via Shortcode
Published
2025-04-24
Title
Fable Extra < 1.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2024-05-23
Title
Custom Fonts – Host Your Fonts Locally < 2.1.5 - Author+ Stored XSS
Published
2024-02-08
Title
All 404 Pages Redirect to Homepage < 2.0 - Unauthenticated Stored Cross-Site Scripting