Published: 17/06/2015 Updated: 09/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in example.html in Genericons prior to 3.3.1, as used in WordPress prior to 4.2.2, allows remote malicious users to inject arbitrary web script or HTML via a fragment identifier.

Vulnerable Product	Search on Vulmon	Subscribe to Product
automattic genericons
debian debian linux 8.0

Several vulnerabilities have been found in Wordpress, the popular blogging engine CVE-2015-3429 The file examplehtml in the Genericicons icon font package and twentyfifteen Wordpress theme allowed for cross site scripting CVE-2015-5622 The robustness of the shortcodes HTML tags filter has been improved The parsing is a bit more ...

WordPress Twenty Fifteen theme version 421 suffers from a cross site scripting vulnerability ...

Week7&8 - Wordpress vs Kali 1 Performing the XSS using a post on Wordpress Performed XSS by i

CWE-79 https://www.netsparker.com/cve-2015-3429-dom-xss-vulnerability-in-twenty-fifteen-wordpress-theme/https://github.com/Automattic/Genericons/commit/798ac98579dd72dfdb11bdee3e7bebf01cffb1f7 https://wordpress.org/news/2015/05/wordpress-4-2-2/https://www.digitalocean.com/community/tutorials/how-to-protect-your-wordpress-site-from-the-genericons-example-html-xss-vulnerability http://seclists.org/fulldisclosure/2015/May/41 http://www.debian.org/security/2015/dsa-3328 http://www.securityfocus.com/bid/74534 http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158271.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158278.html http://packetstormsecurity.com/files/131802/WordPress-Twenty-Fifteen-4.2.1-Cross-Site-Scripting.html https://wpvulndb.com/vulnerabilities/7965 http://www.securityfocus.com/archive/1/535486/100/1000/threaded https://nvd.nist.gov https://github.com/fdiwan000/Wordpress_exploit_using_Kali_Linux https://www.debian.org/security/./dsa-3328

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-3429

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect