Cross-site scripting (XSS) vulnerability in the Black-LetterHead theme prior to 1.6 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to index.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ulyssesonline black-letterhead |
||
ulyssesonline black-letterhead 1.1 |
||
ulyssesonline black-letterhead 1.2 |
||
ulyssesonline black-letterhead 1.3 |
||
ulyssesonline black-letterhead 1.4 |