CVE-2011-3850

Atahualpa <3.6.8 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in the Atahualpa theme before 3.6.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by SiteWatch · textwebappsphp
https://www.exploit-db.com/exploits/36178

References (3)

Scores

EPSS 0.0123
EPSS Percentile 79.0%

Classification

CWE
CWE-79
Status published

Affected Products (32)

bytesforall/atahualpa < 3.6.7
bytesforall/atahualpa
bytesforall/atahualpa
bytesforall/atahualpa
bytesforall/atahualpa
bytesforall/atahualpa
bytesforall/atahualpa
bytesforall/atahualpa
bytesforall/atahualpa
bytesforall/atahualpa
bytesforall/atahualpa
bytesforall/atahualpa
bytesforall/atahualpa
bytesforall/atahualpa
bytesforall/atahualpa
... and 17 more

Timeline

Published Sep 28, 2011
Tracked Since Feb 18, 2026