Classipress <= 3.1.4 – Stored XSS | CVE 2011-5257

Affects Themes

classipress

Fixed in 3.1.5

References

CVE

CVE-2011-5257

Exploitdb

18053

URL

https://cxsecurity.com/issue/WLB-2011110001

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Verified

No

WPVDB ID

c71cea71-86a1-460b-a441-4cd028b2ce2f

Timeline

Publicly Published

2014-08-01 (about 11 years ago)

Added

2014-08-01 (about 11 years ago)

Last Updated

2019-10-21 (about 6 years ago)

Other

Published

Title

Published

2025-09-08

Title

Postie < 1.9.71 - Admin+ Stored XSS

Published

2023-02-15

Title

Quick Contact Form < 8.0.4 - Admin+ Stored XSS

Published

2023-09-03

Title

Audio Player with Playlist Ultimate < 1.3 - Contributor+ Stored XSS

Published

2025-07-01

Title

All-in-One Addons for Elementor – WidgetKit < 2.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via button+modal Widget

Published

2014-12-15

Title

SEO Redirection < 2.3 - Unauthenticated Stored Cross-Site Scripting (XSS)