Description
Cross-site scripting (XSS) vulnerability in the Elegant Grunge theme before 1.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by SiteWatch · textwebappsphp
https://www.exploit-db.com/exploits/36181
References (1)
Core 1
Core References
Exploit, URL Repurposed x_refsource_misc
https://sitewat.ch/en/Advisories/14
Scores
EPSS
0.0028
EPSS Percentile
51.6%
Details
CWE
CWE-79
Status
published
Products (14)
atastypixel/elegant_grunge
0.1
atastypixel/elegant_grunge
0.2
atastypixel/elegant_grunge
0.2.1
atastypixel/elegant_grunge
0.2.2
atastypixel/elegant_grunge
0.3
atastypixel/elegant_grunge
0.4.1
atastypixel/elegant_grunge
0.4.2
atastypixel/elegant_grunge
0.4.3
atastypixel/elegant_grunge
0.4.4
atastypixel/elegant_grunge
0.4.5
... and 4 more
Published
Sep 28, 2011
Tracked Since
Feb 18, 2026