Themes Vulnerabilities
Modern Theme <= 1.4.1 - DOM Cross-Site Scripting (XSS)
Description
The Modern WordPress theme was affected by a DOM Cross-Site Scripting (XSS) security vulnerability.
Proof of Concept
http://www.example.com/wp-content/themes/modern/genericons/example.html#<img src=x onerror=alert(1)>
Affects Themes
Fixed in 1.4.2
References
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Submitter
ethicalhack3r
Submitter twitter
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2015-05-12 (about 9 years ago)
Added
2015-05-14 (about 8 years ago)
Last Updated
2020-09-22 (about 3 years ago)