Cross-site scripting (XSS) vulnerability in the Morning Coffee theme prior to 3.6 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to index.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
adazing morning_coffee |
||
adazing morning_coffee 2.7 |
||
adazing morning_coffee 2.8 |
||
adazing morning_coffee 2.9 |
||
adazing morning_coffee 3.0 |
||
adazing morning_coffee 3.1 |
||
adazing morning_coffee 3.2 |
||
adazing morning_coffee 3.4 |