MidnightBSD

Advisories for adazing

CVE-2011-3862 MEDIUM

Cross-site scripting (XSS) vulnerability in the Morning Coffee theme before 3.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
adazing morning_coffee 3.4
adazing morning_coffee 2.7
adazing morning_coffee 3.0
adazing morning_coffee 3.2
adazing morning_coffee 2.9
adazing morning_coffee 3.1
adazing morning_coffee *
adazing morning_coffee 2.8