Themes Vulnerabilities

WooThemes Daily Edition <= 1.6.2 - Cross-Site Scripting (XSS)

Description

According to the original advisory "The code programming flaw occurs at 'fiche-disque.php?' page with 'id' parameters."

Affects Themes

dailyedition
No known fix

References

URL
https://packetstormsecurity.com/files/#130752/
URL
http://www.woothemes.com/products/daily-edition/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
d28b9ce0-136b-441c-bd76-61fbe6b565b3

Timeline

Publicly Published
2015-03-10 (about 11 years ago)
Added
2015-03-16 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2022-01-10
Title
WooCommerce – Store Exporter < 2.7.1 - Reflected Cross-Site Scripting (XSS)
Published
2021-09-09
Title
WordPress 5.4 to 5.8 - Authenticated XSS in Block Editor
Published
2025-09-23
Title
Themify Builder < 7.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2021-06-16
Title
W3 Total Cache < 2.1.3 - Authenticated Stored XSS
Published
2023-11-17
Title
Biteship for WooCommerce < 2.2.25 - Reflected Cross-Site Scripting