Themes Vulnerabilities

Exquisite Ultimate Newspaper Theme <= 1.3.3 - DOM Cross-Site Scripting (XSS)

Description

The exquisite-wp WordPress theme was affected by a DOM Cross-Site Scripting (XSS) security vulnerability.

Proof of Concept

Affects Themes

exquisite-wp
No known fix

References

CVE
CVE-2015-9500
URL
https://packetstormsecurity.com/files/#131657/
URL
https://themeforest.net/item/exquisite-ultimate-newspaper-theme/6264019

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Submitter
pvdl
Verified
No
WPVDB ID
d58b7948-b0b6-4ac1-93ce-7a2330d2ee46

Timeline

Publicly Published
2015-04-26 (about 11 years ago)
Added
2015-05-12 (about 11 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2025-09-22
Title
BMI Adult & Kid Calculator <= 1.2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting
Published
2025-08-15
Title
Uji Countdown <= 2.3.3 - Reflected Cross-Site Scripting
Published
2023-11-07
Title
Live Gold Price & Silver Price Charts Widgets <= 2.4 - Authenticated (Administrator+) Stored Cross-Site Scripting via plugin settings
Published
2026-01-15
Title
Test Email <= 1.1.7 - Reflected Cross-Site Scripting
Published
2025-01-16
Title
Fast Tube <= 2.3.1 - Reflected Cross-Site Scripting