VYPR
Unrated severityNVD Advisory· Published Sep 28, 2011· Updated Jun 16, 2026

CVE-2011-3865

CVE-2011-3865

Description

Cross-site scripting (XSS) vulnerability in the Black-LetterHead theme before 1.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • cpe:2.3:a:ulyssesonline:black-letterhead:*:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:ulyssesonline:black-letterhead:*:*:*:*:*:*:*:*range: <=1.5
    • cpe:2.3:a:ulyssesonline:black-letterhead:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ulyssesonline:black-letterhead:1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ulyssesonline:black-letterhead:1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ulyssesonline:black-letterhead:1.4:*:*:*:*:*:*:*
  • Range: <1.6

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.