CVE-2011-3855

WordPress F8 Lite <4.2.2 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in the F8 Lite theme before 4.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by SiteWatch · textwebappsphp
https://www.exploit-db.com/exploits/36180

References (1)

Scores

EPSS 0.0037
EPSS Percentile 58.6%

Classification

CWE
CWE-79
Status published

Affected Products (8)

graphpaperpress/f8_lite < 4.2.1
graphpaperpress/f8_lite
graphpaperpress/f8_lite
graphpaperpress/f8_lite
graphpaperpress/f8_lite
graphpaperpress/f8_lite
graphpaperpress/f8_lite
n/a/n/a

Timeline

Published Sep 28, 2011
Tracked Since Feb 18, 2026