Unrated severityNVD Advisory· Published Sep 28, 2011· Updated Apr 29, 2026
CVE-2011-3860
CVE-2011-3860
Description
Cross-site scripting (XSS) vulnerability in the Cover WP theme before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.
Affected products
21cpe:2.3:a:onedesigns:cover_wp:*:*:*:*:*:*:*:*+ 20 more
- cpe:2.3:a:onedesigns:cover_wp:*:*:*:*:*:*:*:*range: <=1.6.5
- cpe:2.3:a:onedesigns:cover_wp:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:onedesigns:cover_wp:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:onedesigns:cover_wp:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:onedesigns:cover_wp:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:onedesigns:cover_wp:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:onedesigns:cover_wp:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:onedesigns:cover_wp:1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:onedesigns:cover_wp:1.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:onedesigns:cover_wp:1.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:onedesigns:cover_wp:1.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:onedesigns:cover_wp:1.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:onedesigns:cover_wp:1.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:onedesigns:cover_wp:1.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:onedesigns:cover_wp:1.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:onedesigns:cover_wp:1.5.9:*:*:*:*:*:*:*
- cpe:2.3:a:onedesigns:cover_wp:1.6:*:*:*:*:*:*:*
- cpe:2.3:a:onedesigns:cover_wp:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:onedesigns:cover_wp:1.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:onedesigns:cover_wp:1.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:onedesigns:cover_wp:1.6.4:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- sitewat.ch/en/Advisories/18nvdExploitURL Repurposed
- www.securityfocus.com/bid/50334nvd
News mentions
0No linked articles in our index yet.