CVE-2011-3858

Pixiv Custom <2.1.6 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in the Pixiv Custom theme before 2.1.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by SiteWatch · textwebappsphp
https://www.exploit-db.com/exploits/36185

References (1)

Scores

EPSS 0.0037
EPSS Percentile 58.6%

Classification

CWE
CWE-79
Status published

Affected Products (32)

zespia/pixiv_custom < 2.1.5
zespia/pixiv_custom
zespia/pixiv_custom
zespia/pixiv_custom
zespia/pixiv_custom
zespia/pixiv_custom
zespia/pixiv_custom
zespia/pixiv_custom
zespia/pixiv_custom
zespia/pixiv_custom
zespia/pixiv_custom
zespia/pixiv_custom
zespia/pixiv_custom
zespia/pixiv_custom
zespia/pixiv_custom
... and 17 more

Timeline

Published Sep 28, 2011
Tracked Since Feb 18, 2026