Cakifo Theme 1.x XSS Vulnerability in Exif Data Injection
CVE-2014-3903 · LOW Severity
AV:N/AC:M/AU:S/C:N/I:P/A:N
Cross-site scripting (XSS) vulnerability in the Cakifo theme 1.x before 1.6.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via crafted Exif data.
Learn more about our Wordpress Pen Testing.