VYPR
Unrated severityNVD Advisory· Published Sep 28, 2011· Updated Jun 16, 2026

CVE-2011-3853

CVE-2011-3853

Description

Cross-site scripting (XSS) vulnerability in the Hybrid theme before 0.10 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter.

Affected products

14
  • Themehybrid/Hybrid13 versions
    cpe:2.3:a:themehybrid:hybrid:*:*:*:*:*:*:*:*+ 12 more
    • cpe:2.3:a:themehybrid:hybrid:*:*:*:*:*:*:*:*range: <=0.9
    • cpe:2.3:a:themehybrid:hybrid:0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:themehybrid:hybrid:0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:themehybrid:hybrid:0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:themehybrid:hybrid:0.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:themehybrid:hybrid:0.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:themehybrid:hybrid:0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:themehybrid:hybrid:0.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:themehybrid:hybrid:0.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:themehybrid:hybrid:0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:themehybrid:hybrid:0.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:themehybrid:hybrid:0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:themehybrid:hybrid:0.8:beta1:*:*:*:*:*:*
  • WordPress/Hybridllm-create
    Range: <0.10

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.