Multiple Themes – PrettyPhoto DOM XSS | CVE 2013-6837

Affects Themes

persuasion

Fixed in 2.8.6

more

No known fix

infocus

No known fix

References

CVE

CVE-2013-6837

URL

https://packetstormsecurity.com/files/#124960/

URL

https://github.com/scaron/prettyphoto/issues/149

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Verified

No

WPVDB ID

4a113372-a686-44bc-877b-945cdfd1f1c2

Timeline

Publicly Published

2014-08-01 (about 9 years ago)

Added

2014-08-01 (about 9 years ago)

Last Updated

2019-11-01 (about 4 years ago)

Other

Published

Title

Published

2023-10-12

Title

Embed Calendly < 3.7 Contributor+ Stored XSS

Published

2024-03-22

Title

Page Builder by SiteOrigin < 2.29.7 - Contributor+ Stored XSS

Published

2022-10-27

Title

Gallery with Thumbnail Slider < 6.1 - Contributor+ Stored XSS

Published

2023-03-20

Title

FluentForms < 4.3.25 - Contributor+ Stored XSS via Custom HTML Form Field

Published

2021-09-13

Title

Quiz And Survey Master < 7.3.2 - Admin+ Stored Cross-Site Scripting