Description
Cross-site scripting (XSS) vulnerability in the Cover WP theme before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.
Exploits (1)
References (2)
Core 2
Core References
Exploit, URL Repurposed x_refsource_misc
https://sitewat.ch/en/Advisories/18
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/50334
Scores
EPSS
0.0038
EPSS Percentile
59.7%
Details
CWE
CWE-79
Status
published
Products (21)
onedesigns/cover_wp
1.1
onedesigns/cover_wp
1.2
onedesigns/cover_wp
1.3
onedesigns/cover_wp
1.4
onedesigns/cover_wp
1.4.1
onedesigns/cover_wp
1.5
onedesigns/cover_wp
1.5.1
onedesigns/cover_wp
1.5.2
onedesigns/cover_wp
1.5.3
onedesigns/cover_wp
1.5.4
... and 11 more
Published
Sep 28, 2011
Tracked Since
Feb 18, 2026