Cross-Site Scripting Vulnerability in Photocrati Theme for WordPress
CVE-2014-100016

Currently unrated

Key Information:

Vendor

Wordpress
Status
Photocrati
Vendor
CVE Published:
13 January 2015

What is CVE-2014-100016?

The Photocrati theme for WordPress contains a vulnerability that allows remote attackers to execute arbitrary web scripts or inject HTML code via the prod_id parameter in the ecomm-sizes.php file. This flaw can lead to unauthorized actions and potentially compromise the security of affected websites. Proper input validation and sanitization measures are vital to mitigate such risks and enhance overall security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/56690
third-party-advisoryx_refsource_SECUNIA
http://osvdb.org/102717
vdb-entryx_refsource_OSVDB
http://packetstormsecurity.com/files/124986/WordPress-Pho...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.