Unrated severityNVD Advisory· Published Sep 28, 2011· Updated Apr 29, 2026
CVE-2011-3854
CVE-2011-3854
Description
Cross-site scripting (XSS) vulnerability in the ZenLite theme before 4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.
Affected products
25cpe:2.3:a:quirm:zenlite:*:*:*:*:*:*:*:*+ 24 more
- cpe:2.3:a:quirm:zenlite:*:*:*:*:*:*:*:*range: <=4.3
- cpe:2.3:a:quirm:zenlite:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:2.5:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:2.6:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:2.7:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:3.3:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:3.4:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:3.51:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:3.52:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:3.60:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:3.61:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:quirm:zenlite:4.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- sitewat.ch/en/Advisories/12nvdExploitURL Repurposed
- secunia.com/advisories/46296nvd
News mentions
0No linked articles in our index yet.