Unrated severityNVD Advisory· Published Sep 28, 2011· Updated Jun 16, 2026
CVE-2011-3865
CVE-2011-3865
Description
Cross-site scripting (XSS) vulnerability in the Black-LetterHead theme before 1.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:ulyssesonline:black-letterhead:*:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:ulyssesonline:black-letterhead:*:*:*:*:*:*:*:*range: <=1.5
- cpe:2.3:a:ulyssesonline:black-letterhead:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ulyssesonline:black-letterhead:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ulyssesonline:black-letterhead:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ulyssesonline:black-letterhead:1.4:*:*:*:*:*:*:*
- Range: <1.6
Patches
Vulnerability mechanics
References
1- sitewat.ch/en/Advisories/24nvdExploitURL Repurposed
News mentions
0No linked articles in our index yet.