Description
Cross-site scripting (XSS) vulnerability in the Web Minimalist 200901 theme before 1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.
Exploits (1)
References (1)
Core 1
Core References
Exploit, URL Repurposed x_refsource_misc
https://sitewat.ch/en/Advisories/19
Scores
EPSS
0.0028
EPSS Percentile
51.6%
Details
CWE
CWE-79
Status
published
Products (2)
webminimalist/web_minimalist_200901
1.0
webminimalist/web_minimalist_200901
< 1.1
Published
Sep 28, 2011
Tracked Since
Feb 18, 2026