Unrated severityNVD Advisory· Published Sep 28, 2011· Updated Apr 29, 2026
CVE-2011-3853
CVE-2011-3853
Description
Cross-site scripting (XSS) vulnerability in the Hybrid theme before 0.10 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter.
Affected products
13cpe:2.3:a:themehybrid:hybrid:*:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:themehybrid:hybrid:*:*:*:*:*:*:*:*range: <=0.9
- cpe:2.3:a:themehybrid:hybrid:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:themehybrid:hybrid:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:themehybrid:hybrid:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:themehybrid:hybrid:0.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:themehybrid:hybrid:0.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:themehybrid:hybrid:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:themehybrid:hybrid:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:themehybrid:hybrid:0.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:themehybrid:hybrid:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:themehybrid:hybrid:0.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:themehybrid:hybrid:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:themehybrid:hybrid:0.8:beta1:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- sitewat.ch/en/Advisories/11nvdExploitURL Repurposed
News mentions
0No linked articles in our index yet.