Akal Theme – Reflected Cross-Site Scripting (XSS) | CVE 2016-10957

Affects Themes

akal

No known fix

References

CVE

CVE-2016-10957

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

CVSS

6.1 (medium)

Miscellaneous

Submitter

Jan Reilink

Submitter website

https://www.saotn.org

Submitter twitter

@hertogjanr

Verified

No

WPVDB ID

d0f9d91f-fd79-4f96-9001-94ce94529035

Timeline

Publicly Published

2016-08-22 (about 9 years ago)

Added

2016-08-22 (about 9 years ago)

Last Updated

2020-09-22 (about 5 years ago)

Other

Published

Title

Published

2024-08-29

Title

WP Booking Calendar < 10.5.1 - Reflected Cross-Site Scripting

Published

2017-06-16

Title

Download Manager <= 2.9.51 - Authenticated Reflected Cross-Site Scripting (XSS)

Published

2014-08-01

Title

WP Forum Server <= 1.7.3 - fs-admin/fs-admin.php Multiple Parameter XSS

Published

2024-02-29

Title

Exclusive Addons for Elementor < 2.6.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Timer Widget

Published

2023-05-30

Title

Call Now Icon Animate <= 0.1.0 - Admin+ Stored XSS