CVE-2011-3854

ZenLite <4.4 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in the ZenLite theme before 4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.

References (2)

[Exploit, URL Repurposed] https://sitewat.ch/en/Advisories/12

[Third Party Advisory] http://secunia.com/advisories/46296

Scores

EPSS 0.0019

EPSS Percentile 40.2%

Classification

CWE

CWE-79

Status published

Affected Products (26)

quirm/zenlite < 4.3

quirm/zenlite

... and 11 more

Timeline

Published Sep 28, 2011

Tracked Since Feb 18, 2026