Cakifo Theme 1.x XSS Vulnerability in Exif Data Injection

CVE-2014-3903 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in the Cakifo theme 1.x before 1.6.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via crafted Exif data.

Learn more about our Wordpress Pen Testing.