MidnightBSD

Advisories for bytesforall

CVE-2011-3850 MEDIUM

Cross-site scripting (XSS) vulnerability in the Atahualpa theme before 3.6.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
bytesforall atahualpa 2.0
bytesforall atahualpa 3.4.1
bytesforall atahualpa 3.1.5
bytesforall atahualpa 2.01
bytesforall atahualpa 3.2
bytesforall atahualpa 3.4.4
bytesforall atahualpa 3.1.9
bytesforall atahualpa 3.6.4
bytesforall atahualpa 3.6.6
bytesforall atahualpa 3.1
bytesforall atahualpa 3.4.3
bytesforall atahualpa 3.6.1
bytesforall atahualpa 3.4.01
bytesforall atahualpa 2.21
bytesforall atahualpa 3.1.2
bytesforall atahualpa 3.4.5
bytesforall atahualpa 3.6
bytesforall atahualpa 3.4.6
bytesforall atahualpa 3.1.6
bytesforall atahualpa 3.1.4
bytesforall atahualpa 2.2
bytesforall atahualpa 3.1.1
bytesforall atahualpa 3.4.9
bytesforall atahualpa *
bytesforall atahualpa 3.5.4
bytesforall atahualpa 3.5.2
bytesforall atahualpa 3.6.2
bytesforall atahualpa 3.1.8
bytesforall atahualpa 3.4
bytesforall atahualpa 3.6.3
bytesforall atahualpa 3.1.3
CVE-2017-20085 LOW

A vulnerability has been found in Atahualpa Theme and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to basic cross site scripting. The attack can be launched remotely.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cna@vuldb.com 3.5 LOW CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N 2.1 1.4
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-80,CWE-79,

Products Affected

Vendor Product Version
bytesforall atahualpa -
CVE-2017-20088 MEDIUM

A vulnerability classified as problematic has been found in Atahualpa Theme. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4
cna@vuldb.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,CWE-352,

Products Affected

Vendor Product Version
bytesforall atahualpa *
CVE-2024-27948

Cross-Site Request Forgery (CSRF) vulnerability in bytesforall Atahualpa.This issue affects Atahualpa: from n/a through 3.7.24.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
audit@patchstack.com 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L 2.8 2.5

Products Affected

Vendor Product Version
bytesforall atahualpa *