CVE-2011-3854

Published Sep 28, 2011

Last updated 9 months ago

Overview

Description: Cross-site scripting (XSS) vulnerability in the ZenLite theme before 4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4EF5D187-4FB1-4CB8-ABF3-AFE17BD50579",
            "versionEndIncluding": "4.3"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E668C03-2520-4A53-8296-3686DB46F183"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FDEE72DC-7B50-4D48-ABD2-FCA88E5DCAC8"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18DC0DC7-2078-42E8-BD96-2A9DC54AB1F7"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1137BE44-AE4D-431C-B571-870507DE1DEA"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "881C9D2B-BA5B-4F57-B713-36B54318FB67"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "420E9A86-9DD9-4BCD-8F22-99082E59992D"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "64CA4C74-162B-47F4-8D93-EE5E08095764"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D54D12D4-2384-4D85-A617-DB1C74DFDC71"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA059627-DE1E-4FD6-A948-0457AC7A656E"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3F1712A-7577-4B5C-A7E7-CAAF1F4E135D"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0EA82063-08B7-4768-97B9-A12A11CDE321"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2A8B268-DD17-4640-B1F3-CCE97474455C"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EADF0129-9858-4A8D-BC21-0D8AB404C138"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B0B7A39-0C29-461C-AAB6-7BC75C225AE0"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40639E70-B4EA-4FCD-9601-33EB39C25E76"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46F882E8-3726-4A6B-B95A-7F7D5BCE543F"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:3.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E8BE12D-5877-44EA-812F-3DF53F879D84"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:3.51:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4ED0D361-5142-46C6-A5D5-59E4230E02AB"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:3.52:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A40B644-0A06-4656-B632-EED1B8F4A2C6"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:3.60:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30723B08-FE3A-4023-A494-653A20AB88A2"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:3.61:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E8B929C-5950-4B24-9BB6-437974BA16BD"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AFA4A1FA-31CE-4AFC-9EE2-6A3C2D2BCC05"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B31EA937-4EAB-44F5-86CE-4C59F2D793B6"
          },
          {
            "criteria": "cpe:2.3:a:quirm:zenlite:4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28D3F1A8-5B15-430A-8739-8BA169A73CAF"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "847DA578-4655-477E-8A6F-99FBE738E4F9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References